Smart device

ABSTRACT

An Internet of Thing (IoT) device includes a camera coupled to a processor; and a wireless transceiver coupled to the processor. Blockchain smart contracts can be used with the device to facilitate secure operation.

The present application claims priority to application Ser. Nos. 15/594,214 and 15/594,311 and 15/973,524, the content of which is incorporated by reference.

BACKGROUND

The emergence of smart devices such as Internet of Things (IOT) devices has provided intelligence to many common appliances and gears for sports.

IOT devices have appeared with features of autonomous operation. For example, smart sport gears monitor the users' behavior and improve or aid user performance. Smart cars can drive autonomously. Many other convenient and timesaving features are appearing in IOT devices.

In a parallel trend, the wealth of data generated by IOT devices can overwhelm the Internet cloud. Moreover, fraudulent and harmful activities arising from hacked IOT devices have potential to cause major disruptions to the Internet.

SUMMARY

In one aspect, an Internet of Thing (IoT) device includes a processor, sensor(s), and a wireless transceiver coupled to the processor.

These and other features of the present invention will become readily apparent upon further review of the following specification and drawings.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A illustrates an exemplary environment for communicating data from a monitoring device to external computers, FIG. 1B is a schematic view of an exemplary IoT sport device system, and FIG. 1C is an exemplary process supported by the IoT device.

FIG. 2A is a block diagram of an electronic circuit for a smart device, while FIG. 2B is a block diagram of a big data system for predicting stress experienced by a structural unit such as a bridge, a building, or a plane, for example.

FIG. 3 is a flowchart illustrating one operation of the system of FIG. 2A-2B in detecting stress on a unit.

FIG. 4 shows an exemplary sports diagnosis and trainer system for augmented and/or virtual reality, FIG. 5 shows an exemplary process for augmented and/or virtual reality for viewers participating in a game, and FIG. 6 shows an exemplary process to identify reasons for sensor data changes using a gaming process.

FIG. 7 shows an exemplary smart band, FIG. 8 shows an exemplary glove, FIG. 9 shows exemplary smart clothing, and FIG. 10 shows exemplary smart balls.

FIG. 11A shows exemplary smart rackets while FIG. 11B shows electronics in the handle for golf clubs, rackets, or kung fu sticks.

FIG. 12A-12B show exemplary protective gears, while FIG. 12C shows an exemplary process to fabricate mass-customized protective gear;

FIGS. 13A-13I show exemplary blockchain smart contract processes.

FIGS. 13J-13N show exemplary chain of custody (CCC) and supply chain tracking system of drugs such as Cannabis.

FIGS. 14A-14H show exemplary IOT systems with blockchain and flowcharts detailing their operations.

FIGS. 14I-14J show exemplary blockchain energy delivery systems.

FIG. 15A shows an exemplary virtual reality camera mounted on a gear, and FIG. 15B shows exemplary augmented reality real-time coaching of a player such as a quarterback during fourth down.

FIG. 16A-16C shows exemplary coaching system for skiing, bicycling, and weightlifting/free style exercise, respectively, while FIG. 16D shows a kinematic modeling for detecting exercise motion which in turn allows precision coaching suggestions.

Similar reference characters denote corresponding features consistently throughout the attached drawings.

DETAILED DESCRIPTION

FIG. 1A illustrates an exemplary environment for communicating data from a monitoring device to external computers. In FIG. 1A, the monitoring device used for a sport device 9 includes an interface with a radio transmitter for forwarding the result of the comparison to a remote device. In one example, the monitoring device may include an additional switch and user interface. The user interface may be used by the user in order to trigger transmission of the comparison of the hand or foot pattern reference data with the stroke patterns data to the remote device. Alternatively, the transmission may occur automatically each time the device has been used, or may be triggered by placing the sport device in a cradle or base. All parts of the monitoring device may be encapsulated with each other and/or may be integrated into or attached to the body of the sport device 9. Alternatively, a radio transmitter may be arranged separately from the other parts, for instance, in a battery charger, cradle or base of the sport device 9. In that example, the interface 7 may include contact terminals in the sport device 9, which are connected to the corresponding terminals in the battery charger for forwarding the result of the comparison via a wired connection to the transmitter in the battery charger or may be connected by induction or short range wireless communications. The radio transmitter in the battery charger then transmits this comparison result further via the wireless radio connection to the remote device. In FIG. 1A, the remote device may be a mobile phone 16, PDA or computer 19, which receives the information directly from the monitoring device via a short range radio connection, as one example of a transmitter, such as a Bluetooth or a Wifi or a Zigbee connection. In one example, the user of the remote device may receive information about how thoroughly the sport device 9 has been used or the need to provide a replacement sport device. FIG. 1A also illustrates an alternate example of a transmitter, using an intermediate receiver 17 and a network 18, such as a cellular radio system. Also in this example, the radio transmitter may be located in connection with the sport device 9 or alternatively in connection, with a charger, cradle or base station of the sport device 9. In such an example, the comparison result may be transmitted via an intermediate receiver 17 and the network 18 to a remote device 19, 16 located further away than the range of a short range radio system, for example. The remove device 19, 16 may be any device suitable for receiving the signals from the network 18 and providing feedback on an output device. The transmission of information via a cellular radio system to the remote device may allow an advertiser provide an advertisement. For example, an advertisement may be added to the comparison result using network elements in the cellular radio system. The user may receive an advertisement with the comparison result. An advantage with such a solution is that the advertiser may provide revenue offsetting all or a portion of the cost for the transmission of the comparison result from the sport device 9 to the remote device 19, 16.

FIG. 1B shows a block diagram of the unit 9 with processor/RAM/ROM II. The unit 9 includes a motion sensor, a multi-axis accelerometer, and a strain gage 42. The multi-axis accelerometer may be a two-axis or three-axis accelerometer. Strain gage 21 is mounted in the neck of the racket, and measures force applied to the ball, i.e., force in a z direction. Acceleration and force data are acquired by the microprocessor at a data acquisition rate (sampling rate) of from about 10 to 50 samples/second, e.g., about 20 samples/second. The acceleration data is used to infer motion, using an algorithm discussed below; it is not converted to position data. In this embodiment, because the sensors and strain gage are not in the head region, the head can be removable and replaceable, e.g., by threaded engagement with the handle (not shown), so that the sport device can continue to be used after instrument wear has occurred. Any desired type of removable head or cartridge can be used.

The unit 11 also includes a camera, which can be a 360 degree camera. Alternatively, the camera can be a 3D camera such as the Kinect camera or the Intel RealSense camera for ease of generating 3D models and for detecting distance of objects. To reduce image processing load, each camera has a high performance GPU to perform local processing, and the processed images, sound, and odor data are uploaded to a cloud storage for subsequent analysis.

The unit 11 includes an electronic nose to detect odor. The electronic nose can simply be a MEMS device acting as a particle counter. An embodiment of the electronic nose can be used that includes a fan module, a gas molecule sensor module, a control unit and an output unit. The fan module is used to pump air actively to the gas molecule sensor module. The gas molecule sensor module detects the air pumped into by the fan module. The gas molecule sensor module at least includes a gas molecule sensor which is covered with a compound. The compound is used to combine preset gas molecules. The control unit controls the fan module to suck air into the electronic nose device. Then the fan module transmits an air current to the gas molecule sensor module to generate a detected data. The output unit calculates the detected data to generate a calculation result and outputs an indicating signal to an operator or compatible host computer according to the calculation result.

FIG. 1C schematically shows a method or app 2 which may be implemented by the computing unit 11 shown in FIG. 1B. For example, the app 2 may be a computer implemented method. A computer program may be provided for executing the app 2. The app 2 includes code for:

(21) capture user motion with accelerometer or gyroscope

(22) capture VR views through camera and process using GPU

(23) capture user emotion using facial recognition or GSR

(24) model user action using kinematic model

(25) compare user action with idea action

(26) coach user on improvement to user sport techniques.

The device can negotiate and enforce agreements with others blockchain smart contracts. The system may include one or more of the following:

code to determine trade settlement amounts and transfers funds automatically,

code to automatically pay coupon payments and returns principal upon bond expiration,

code to determine payout based on claim type and policy coverage,

code to collect insurance based on usage and upon a claim submission, code to determine payout based on claim type and policy coverage,

code to transfer electronic medical record from a source to a destination based on patient consent,

code to anonymously store wearable health data from wearable devices for public health monitoring,

a secured content and code to determine and distributes royalty to an author,

code for storing a stock certificate number with stock quantity,

code to determine a share registry or a capitalization table from each stock certificate number and stock quantity,

code to distribute shareholder communication from a share registry or a capitalization table,

code to collect secure shareholder votes from a share registry or a capitalization table for transparent corporate governance,

code to provide financial information to shareholder a share registry or a capitalization table for corporate governance,

code to enforce majority or supermajority shareholder votes from a share registry or a capitalization table for corporate governance,

code for supply chain management,

code for tracking chain of custody for an item, or

code for peer-to-peer transactions for between two computers.

As shown in FIG. 2A, a microcontroller 155 receives and processes signals from the sensor 112-114, and converts those signals into an appropriate digital electronic format. The microcontroller 155 wirelessly transmits tension information in the appropriate digital electronic format, which may be encoded or encrypted for secure communications, corresponding to the sensed traffic and/or crime indication through a wireless communication module or transceiver 160 and antenna 170. Optionally, a camera 140 can be provided to visually detect traffic and/or crime and movement of the structure. While monitoring of the smart device 100 traffic and/or crime is continuous, transmission of tension information can be continuous, periodic or event-driven, such as when the tension enters into a warning or emergency level. Typically the indicated tension enters a warning level, then an emergency level as tension drops below the optimal range, but corresponding warning and emergency levels above the optimal range can also be used if supported by the smart device 100. The microcontroller 155 is programmed with the appropriate warning and emergency levels, as well as internal damage diagnostics and self-recovery features.

The sensor 112-114, transceiver 160/antenna 170, and microcontroller 155 are powered by and suitable power source, which may optionally include an electromagnetic field (EMF) scavenging device 145, such as those known in the art, that convert ambient EMF (such as that emitted by radio station broadcasts) into small amounts of electrical power. The EMF scavenging device 145 includes a battery to buffer and store energy for the microcontroller 155, sensor 112-114, camera 140 and wireless communications 160/170, among others.

The circuit of FIG. 2A contains an analog front-end (“AFE”) transducer 150 for interfacing signals from the sensor 112-114 to the microcontroller 155. The AFE 150 electrically conditions the signals coming from the sensor 112-114 prior to their conversion by the microcontroller 155 so that the signals are electrically compatible with the specified input ranges of the microcontroller 155. The microcontroller 155 can have a CPU, memory and peripheral circuitry. The microcontroller 155 is electrically coupled to a wireless communication module 160 using either a standard or proprietary communication standard. Alternatively, the microcontroller 155 can include internally any or all circuitry of the smart device 100, including the wireless communication module 160. The microcontroller 155 preferably includes power savings or power management circuitry 145 and modes to reduce power consumption significantly when the microcontroller 155 is not active or is less active. The microcontroller 155 may contain at least one Analog-to-Digital Converter (ADC) channel for interfacing to the AFE 150.

The battery/power management module 145 preferably includes the electromagnetic field (EMF) scavenging device, but can alternatively run off of previously stored electrical power from the battery alone. The battery/power management module 145 powers all the circuitry in the smart device 100, including the camera 140, AFE 150, microcontroller 155, wireless communication module 160, and antenna 170. Even though the smart device 100 is preferably powered by continuously harvesting RF energy, it is beneficial to minimize power consumption. To minimize power consumption, the various tasks performed by the circuit should be repeated no more often than necessary under the circumstances.

Stress information from the smart device 100 and other information from the microcontroller 155 is preferably transmitted wirelessly through a wireless communication module 160 and antenna 170. As stated above, the wireless communication component can use standard or proprietary communication protocols. Smart lids 100 can also communicate with each other to relay information about the current status of the structure or machine and the smart device 100 themselves. In each smart device 100, the transmission of this information may be scheduled to be transmitted periodically. The smart lid 100 has a data storage medium (memory) to store data and internal status information, such as power levels, while the communication component is in an OFF state between transmission periods.

The electronic of FIG. 2A operates with a big data discovery system of FIG. 2B that determines events that may lead to failure. FIG. 2B is a block diagram of an example stress monitoring system 200 that may be process the stress detected by the smart device 100 of FIG. 1, arranged in accordance with at least some embodiments described herein. Along with the stress monitoring system 220, a first smart device such as a smart device 240, a second smart device 250, a third smart device 260, a fourth smart device 280, and additional sensors 270 may also be associated with the unit 200. The stress monitoring system 220 may include, but is not limited to, a transceiver module 222, a stress detection module 224, a stress prediction module 226, a determination module 228, a stress response module 232, an interface module 234, a processor 236, and a memory 238.

The transceiver module 222 may be configured to receive a stress report from each of the first, second, and third sport smart devices 240, 250, 260. In some embodiments, the transceiver module 222 may be configured to receive the stress reports over a wireless network. For example, the transceiver module 222 and the first, second, and third smart devices 240, 250, 260 may be connected over a wireless network using the IEEE 802.11 or IEEE 802.15 standards, for example, among potentially other standards. Alternately or additionally, the transceiver module 222 and the first, second, and third smart devices 240, 250, 260 may communicate by sending communications over conductors used to carry electricity to the first, second, and third smart devices 240, 250, 260 and to other electrical devices in the unit 200. The transceiver module 222 may send the stress reports from the first, second, and third smart devices 240, 250, 260 to the prediction module 226, the stress detection module 224, and/or the determination module 228.

The stress module 224 may be configured to detect stress on the sport object as detected by the devices 100. The signal sent by the devices 100 collectively may indicate the amount of stress being generated and/or a prediction of the amount of stress that will be generated. The stress detection module 224 may further be configured to detect a change in stress of non-smart devices associated with the unit 200.

The prediction module 226 may be configured to predict future stress based on past stress history as detected, environmental conditions, forecasted stress loads, among other factors. In some embodiments, the prediction module 226 may predict future stress by building models of usage and weight being transported. For example, the prediction module 226 may build models using machine learning based on support vector machines, artificial neural networks, or using other types of machine learning. For example, stress may correlate with the load carried by a bridge or an airplane structure. In other example, stress may correlate with temperature cycling when a structure is exposed to constant changes (such as that of an airplane).

The prediction module 226 may gather data for building the model to predict stress from multiple sources. Some of these sources may include, the first, second, and third smart devices 240, 250, 260; the stress detection module 224; networks, such as the World Wide Web; the interface module 234; among other sources. For example, the first, second, and third smart devices 240, 250, 260 may send information regarding human interactions with the first, second, and third smart devices 240, 250, 260. The human interactions with the first, second, and third smart devices 240, 250, 260 may indicate a pattern of usage for the first, second, and third smart devices 240, 250, 260 and/or other human behavior with respect to stress in the unit 200.

In some embodiments, the first, second, and third smart devices 240, 250, 260 may perform predictions for their own stress based on history and send their predicted stress in reports to the transceiver module 222. The prediction module 226 may use the stress reports along with the data of human interactions to predict stress for the system 200. Alternately or additionally, the prediction module 226 may make predictions of stress for the first, second, and third smart devices 240, 250, 260 based on data of human interactions and passed to the transceiver module 222 from the first, second, and third smart devices 240, 250, 260. A discussion of predicting stress for the first, second, and third smart devices 240, 250, 260 is provided below with respect to FIGS. 5 and 6.

The prediction module 224 may predict the stress for different amounts of time. For example, the prediction module 224 may predict stress of the system 200 for 1 hour, 2 hours, 12 hours, 1 day, or some other period. The prediction module 224 may also update a prediction at a set interval or when new data is available that changes the prediction. The prediction module 224 may send the predicted stress of the system 200 to the determination module 228. In some embodiments, the predicted stress of the system 200 may contain the entire stress of the system 200 and may incorporate or be based on stress reports from the first, second, and third smart devices 240, 250, 260. In other embodiments, the predicted stress of the system 200 may not incorporate or be based on the stress reports from the first, second, and third smart devices 240, 250, 260.

The determination module 228 may be configured to generate a unit stress report for the system 200. The determination module 228 may use the current stress of the system 200, the predicted stress of the system 200 received from the prediction module 224; stress reports from the first, second, and/or third smart devices 240, 250, 260, whether incorporated in the predicted stress of the system 200 or separate from the predicted stress of the system 200; and an amount of stress generated or the predicted amount of stress, to generate a unit stress report.

In some embodiments, one or more of the stress reports from the first, second, and/or third smart device 240, 250, 260 may contain an indication of the current operational profile and not stress. In these and other embodiments, the determination module 228 may be configured to determine the stress of a smart device for which the stress report indicates the current operational profile but not the stress. The determination module 228 may include the determined amount of stress for the smart device in the unit stress report. For example, both the first and second smart device 240, 250 may send stress report. The stress report from the first smart device 240 may indicate stress of the first smart device 240. The stress report from the second smart device 250 may indicate the current operational profile but not the stress of the second smart device 250. Based on the current operational profile of the second smart device 250, the determination module 228 may calculate the stress of the second smart device 250. The determination module 228 may then generate a unit stress report that contains the stress of both the first and second smart devices 240, 250.

In some embodiments, the stress monitoring system 220 may not include the prediction module 226. In these and other embodiments, the determination module 228 may use stress reports from the first, second, and/or third smart devices 240, 250, 260, with the received amount of stress inferred on non-smart devices, if any, to generate the unit stress report. The determination module 228 may send the unit stress report to the transceiver module 222.

In some embodiments, the processor 236 may be configured to execute computer instructions that cause the stress monitoring system 220 to perform the functions and operations described herein. The computer instructions may be loaded into the memory 238 for execution by the processor 236 and/or data generated, received, or operated on during performance of the functions and operations described herein may be at least temporarily stored in the memory 238.

Although the stress monitoring system 220 illustrates various discrete components, such as the prediction module 226 and the determination module 228, various components may be divided into additional components, combined into fewer components, or eliminated, depending on the desired implementation. In some embodiments, the unit 200 may be associated with more or less smart devices than the three smart devices 240, 250, 260 illustrated in FIG. 2.

FIG. 3 is a flow chart of an example method 300 of monitoring stress of a sport or game unit, arranged in accordance with at least some embodiments described herein. The method 300 may be implemented, in some embodiments, by an stress monitoring system, such as the stress monitoring system 220 of FIG. 2. For instance, the processor 236 of FIG. 2B may be configured to execute computer instructions to perform operations for monitoring stress as represented by one or more of blocks 302, 304, 306, 310, 312, and/or 314 of the method 300. Although illustrated as discrete blocks, various blocks may be divided into additional blocks, combined into fewer blocks, or eliminated, depending on the desired implementation.

The method 300 may begin at one or more of blocks 302, 304, and/or 306. The blocks 302, 304, and/or 306 may occur at the same time or at different times and may or may not depend on one another. Furthermore, one or more of the block 302, 304, 306 may occur during the method 300. For example, the method 300 may complete when blocks 304, 310, and 312 occurs and without the occurrence of block 302 and 306.

In block 302, a change in stress of a device (device or beam) associated with a unit may be detected. A non-smart device may by any device that receives stress and does not generate an stress report indicating its stress, for example a legacy racket without IoT electronics. A change in the stress of a non-smart device may be detected using an stress detection module and/or usage meter associated with the unit, such as the stress detection module 224 and/or the smart device 100. For example, non-smart device stress can be estimated by the load the unit carries, the temperature cycling experienced by the unit, for example.

After a change in stress of the non-smart device is detected, the method 300 proceeds to block 310. In block 304, a stress report from a smart device such as the smart device 100 associated with the unit may be received. A smart device may be a device that detects stress and generates and transmits an stress report indicating the stress on the smart device. The stress report may indicate predicted future stress of the smart device. In some embodiments, a stress report may be received at set intervals from the smart device regardless of a change in the stress report. Alternately or additionally, a stress report may be received after a change in the stress of the smart device results in a change to the stress report. After a stress report is received from the smart device, the method 300 proceeds to block 310.

In block 306, stress experienced at the unit may be detected. Stress at the unit may be detected using a stress detection module, such as the stress detection module 224 of FIG. 2B. After detecting stress at the unit, the method proceeds to block 310. At block 310, it is determined if a change in the stress occurred. For example, if an increase in stress occurs at the same time and at the same amount as an increase in the stress of a non-smart device, a change in the stress may not occur. If a change in the stress occurs, the method 300 proceeds to block 312. If no change occurs, the method 300 ends.

At block 312, a unit stress report is generated for the unit. In some embodiments, the unit stress report may indicate the current stress of the unit. Alternately or additionally, the unit stress report may indicate a current and predicted future stress of the unit. At block 314, the unit stress report is transmitted to a maintenance provider. In some embodiments, the unit stress report may be transmitted when the unit stress report indicates a change in stress for the unit that is greater than a predetermined threshold. If the unit stress report indicates a change in stress for the unit that is less than the predetermined threshold, the unit stress report may not be transmitted to the provider of maintenance services.

FIG. 5 shows in more details the computer 30 and the interface to the probe 20. An amplifier 90 amplifies vibratory output from a transducer 92. A pick up unit having an accelerometer (or an array) 96 receives reflected vibrations from user arm or leg 94, among others. A computer 98 includes a digital converter to digitize output from the pick-up unit and software on the computer 98 can process the captured diagnostic data. Diagnostic software 100 can include a database of known restorations, diseases, and tissue conditions whose signatures can be matched against the capture diagnostic data, and the result can be displayed on a screen for review by the athlete.

FIG. 6 is a flowchart of a method of an embodiment of the present disclosure. Referring to FIG. 6, a smart system may collect from smart devices state change events of a smart system in operation 601. That is, the smart system of FIG. 4 collects information on each of the group of devices, the smart devices, the smart appliances, the security devices, the lighting devices, the energy devices, and the like. The state change events indicate when there is a change in the state of the device or the surrounding environment. The state change events are stored by the smart system. In operation 603, the system may determine whether a series of the collected state change events are a known pattern. That is, the gateway determines whether there are events which have been correlated or identified in the past. If the collected state change events have been identified in the past, it may be necessary to determine that the smart system trusts the identification the collected state change events. The trust factor of the identification of the collected state change events may be determined by the number of users who have identified the collected state change events or the number of time collected state change events have been repeated and identified. In operation 605, when the series of the collected state change events is an unknown pattern, request users of the smart system to identify what caused the collected state change events request. That is, the system transmits to a gamification application (hereinafter app) on the user's mobile device a request to identify the collected state change events. The gamification app displays the information and request the user enter information identifying the collected state change events. Each of the mobile devices transmits this information back to the system to the gamification module. In operation 605, the system transmits the user's identified collected state change events to the other user's of the smart home system and they each vote on the best identification of the collected state change events. Thus, the identified collected change state events that have been repeatedly identified over a period of weeks increases, the trustworthiness of the identification increases. Likewise, if every user of the smart system makes the same identification of the collected change state events, the identified collected change state events may be considered trustworthy at point. Such a determination of a threshold for when the identified collected change state events are considered trustworthy and therefore need not be repeated, is made by a system administrator. However, it will be understood that such a trustworthiness of this type only gives higher confidence of this particular dataset at that point in time. As such further repetition is required, since the sensor data may have noise, the more datasets to be identified to the pattern, the more robust the trustworthiness will be. Until the robustness reaches a threshold, then the system can confirm this is a known trustworthy pattern.

Smart Sport Glove

FIG. 7 shows an exemplary glove which can be thin to provide touch sensitivity or thick to provide shock protection for boxers. A body 12 of the boxing glove 10 includes an impact measuring device 14 is embedded within the glove 12 in an area protected from direct impact. Such an area includes the cuff 15 of the glove 12 or that portion of the glove 12 adjacent a user's palm, or adjacent an inside surface of a user's fingers. Placement of the impact measuring device 14 into the lining of the glove in such an area allows for the force of a blow to be measured without presenting a hazard to the recipient of the blow. Under the embodiment, an impact measuring device 14 would be included in the right glove 12 for a right handed fighter, or the left glove 12 for a left handed fighter. For fighters that are equally effective with both hands, or to improve monitoring accuracy, an impact measuring device 14 would be included in both gloves 12. The impact measuring system 20. The impact measuring system 20 includes an impact measuring device 14 and impact display unit 16. The impact measuring device 14 is linked to the impact display 28 via a radio frequency (rf) link 32. Under the embodiment, the impact measuring device 14 includes at least one 3-axis accelerometer. A thin version of the glove can be worn to detect a golf stroke or a tennis stroke with legacy clubs or rackets that lacks IoT intelligence.

Smart Sport Band

FIG. 8 shows an exemplary stick on wearable monitoring device for sports and fitness applications. The wireless sensor electronics 14 is mounted on a band-aid in the example of FIG. 8. The band-aid can be removed upon completion of the sports event. The central patch can be recycled, and the adhesive portion can be disposed. While the embodiment is shown as a band-aid, the inventors contemplate that any suitable bands, straps, attachments can be used in lieu of the band-aid to attach the sensors to the body. For example, in Virtual Reality (VR) sports applications, sensors including gyroscopes and cameras can be positioned on various body portions to capture motion as well as eye tracking, mouth tracking, speech recognition, among others.

Smart Clothing

FIG. 9 shows an exemplary shirt based embodiment where sensors can be positioned anywhere on the shirt and when worn, can capture position, video, and vital signs. One embodiment uses Samsung's Bio-Processor to process the bio-signals it measures without the need of external processing parts with five AFEs including bioelectrical impedance analysis (BIA), photoplethysmogram (PPG), electrocardiogram (ECG), skin temperature, and galvanic skin response (GSR) into a single chip solution that measures body fat, and skeletal muscle mass, heart rate, heart rhythm, skin temperature and stress level, respectively. Features of the smart clothe can include:

Smart Handle

FIGS. 11A-11B show an exemplary smart handle for sports such as tennis, badminton, table tennis, and golf, among others. The wireless sensor electronics 14 is mounted on a handle in the example of FIG. 11B. The handle can be embedded or can be removed upon completion of the sports event. The sports event does not have to be real, for example, in Virtual Reality (VR) sports applications, sensors including gyroscopes and cameras can be positioned on various body portions to capture motion as well as eye tracking, mouth tracking, speech recognition, among others.

The handle includes a swing analyzer measurement portion 54 in the grip end 52 of the handle of a golf club or a tennis/badminton racket, and a remote or handheld unit 56. The swing analyzer measurement portion 54 includes an accelerometer 16 of combination accelerometer and gyroscope or magnetometer unit, a processor unit 58 coupled to the accelerometer 16, and a battery 20 that is electrically coupled to and provides power to the accelerometer 16 and processor unit 58. A camera is included to capture videos of the swing and also the game in progress for future reference. A communications unit 60 is also housed in the grip end 52 of the golf club 50, receives power from the battery 20, and is coupled to the processor unit 58. Swing analyzer measurement portion 54, with or without the communications unit 60, may be assembled as an integral unit and inserted into a hollow portion of the handle of the golf club or tennis/racket handle 50 at the grip end 52 thereof. Processor unit 58 may be an integrated device that includes hardware and software components capable of processing acceleration measured by the accelerometer(s) 16 and converting the measured acceleration into data about the force on the shaft and position of the face of the club at impact at a set distance. If the measured force exceeds a threshold the measured force or a signal derived therefrom is transmitted via the communications unit 60 to the handheld unit 56. If not, acceleration and face position at impact of the golf club or tennis racket handle 50 is obtained again. The threshold is set so that only acceleration or force measurements arising from actual swings of the golf club 50 are transmitted to the handheld unit 56.

Smart Protective Gear

FIGS. 12A-12C illustrate smart protective gears embedded with the IoT sensors and instrumentations to report potential health issues. For soccer, the protection includes shin guards. For football, the protection includes Helmets, Chin Straps Chin Shields, Cups Athletic Supporters, Elbow Sleeves Arm Pads, Back Plates Rib Protection, Facemasks, Girdles, Helmet Visors, Shoulder Pads, Hip Tail Pads, Mouthguards, Neck Rolls. For motorcycling, the protection includes helmet, should pads, jacket with back protection, padded gloves, leather pants, knee pads, and boots. For rock climbing, the protection includes shoes, carabiners, webbing, harnesses, among others.

The wireless sensor electronics 14 is mounted on the helmet or shoulder pad in the example of FIG. 12A or 12C. The electronics 14 can be embedded or can be removed upon completion of the sports event. The sports event does not have to be real, for example, in Virtual Reality (VR) sports applications, sensors including gyroscopes and cameras can be positioned on various body portions to capture motion as well as eye tracking, mouth tracking, speech recognition, among others.

The protection gear includes an impact sensor such as an accelerometer to indicate if concussion has occurred. Other sensors can be used as well. For example, the handle can contain conductive ink to capture biometric. One embodiment uses Samsung's Bio-Processor which is an all-in-one health solution chip to measure bioelectrical impedance analysis (BIA), photoplethysmogram (PPG), electrocardiogram (ECG), skin temperature, and galvanic skin response (GSR) into a single chip solution that measures body fat, and skeletal muscle mass, heart rate, heart rhythm, skin temperature and stress level, respectively. The handle can also contain other sensors including gyroscopes, temperature and pressure sensors, moisture sensors, clocks, chemical and/or biological sensors, etc.

Blockchain Authentication

The IoT machines can negotiate contracts on their own (without human) and exchange items of value by presenting an open transaction on the associated funds in their respective wallets. Blockchain token ownership is immediately transferred to a new owner after authentication and verification, which are based on network ledgers within a peer-to-peer network, guaranteeing nearly instantaneous execution and settlement.

A similar process is used to provide secure communications between IoT devices, which is useful for edge IoT devices. The industrial world is adding billions of new IoT devices and collectively these devices generate many petabytes of data each day. Sending all of this data to the cloud is not only very cost prohibitive but it also creates a greater security risk. Operating at the edge ensures much faster response times, reduced risks, and lower overall costs. Maintaining close proximity to the edge devices rather than sending all data to a distant centralized cloud, minimizes latency allowing for maximum performance, faster response times, and more effective maintenance and operational strategies. In addition to being highly secure, the system also significantly reduces overall bandwidth requirements and the cost of managing widely distributed networks.

In some embodiments, the described technology provides a peer-to-peer cryptographic currency trading method for initiating a market exchange of one or more Blockchain tokens in a virtual wallet for purchasing an asset (e.g., a security) at a purchase price. The system can determine, via a two-phase commit, whether the virtual wallet has a sufficient quantity of Blockchain tokens to purchase virtual assets (such as electricity only from renewable solar/wind/ . . . sources, weather data or location data) and physical asset (such as gasoline for automated vehicles) at the purchase price. In various embodiments, in response to verifying via the two-phase commit that the virtual wallet has a sufficient quantity of Blockchain tokens, the IoT machine purchases (or initiates a process in furtherance of purchasing) the asset with at least one of the Blockchain tokens. In one or more embodiments, if the described technology determines that the virtual wallet has insufficient Blockchain tokens for purchasing the asset, the purchase is terminated without exchanging Blockchain tokens.

The present system provides smart contract management with modules that automates the entire lifecycle of a legally enforceable smart contract by providing tools to author the contract so that it is both judge/arbitrator/lawyer readable and machine readable, and ensuring that all contractual obligations are met by integrating with appropriate execution systems, including traditional court system, arbitration system, or on-line enforcement system. Different from the blockchain/bitcoin contract system where payment is made in advance and released when the conditions are electronically determined to be satisfied, this embodiment creates smart contracts that are verifiable, trustworthy, yet does not require advance payments that restrict the applicability of smart contracts. The system has a contract management system (CMS) that helps users in creating smart contracts for deployment. After template creation, FIG. 13A shows a flow diagram of the functionality of system in accordance with one embodiment when authoring a contract using one of the smart contract templates. In one embodiment, the functionality of the flow diagram of FIG. 13A is implemented by software stored in memory and executed by a processor. In other embodiments, the functionality can be performed by hardware, or any combination of hardware and software.

A smart contract is a computerized transaction protocol that executes the terms of a contract. A smart contract can have the following fields: object of agreement, first party blockchain address, second party blockchain address, essential content of contract, signature slots and blockchain 10 associated with the contract. Turning now to FIG. 13A, at 2, the user logs into the system to author a smart contract. The system then retrieves the appropriate contract template for the user, and a user interface renderer displays the corresponding deal sheet user interface to the user. The selection of the appropriate contract template can be based on many factors, including the role of the user, the intended parties to the contract, the type of contract desired, etc. At 4, the user enters the information that is requested by the user interface based on the attributes displayed. Because the user interface is tailored specifically to the desired type of contract, the required contract terms information for that type of contract will be entered by the user as guided by the attributes of the template. The user may interact with the user interface through a single page or through multiple pages in a particular sequence with a forms wizard, or through the selection of tabs. In one embodiment, the user interface is rendered as a mark-up language such as XML showing the structure of the requirements of the contract. In other embodiments, the user interface is rendered as an Excel worksheet, Word document, or other application compatible format that can be read by the contracting parties, lawyers, judges, and jury. At 6, the contract is generated based on the user input to the user interface. The contract can be in the form of bytecodes for machine interpretation or can be the markup language for human consumption. If there are other contracts that are incorporated by reference, the other contracts are formed in a nested hierarchy similar to program language procedures/subroutines and then embedded inside the contract. At 8, the smart contract is assigned a unique block chain number and inserted into block chain. At 10, the smart contract is sent to one or more recipients, which open the payload and execute the terms of the contract and if specified contractual conditions are met, the smart contract can authorize payment. At 12, if dispute arise, the CMS can graphically decode the contract terms in the smart contract for a judge, jury, or lawyer to apply legal analysis and determine the parties' obligations.

Cloud Storage Security

In another aspect, a distributed file storage system includes nodes are incentivized to store as much of the entire network's data as they can. Blockchain currency is awarded for storing files, and is transferred in Bitcoin or Ether transactions, as in. Files are added to the network by spending currency. This produces strong monetary incentives for individuals to join and work for the network. In the course of ordinary operation of the storage network, nodes contribute useful work in the form of storage and distribution of valuable data. In another aspect, a method for providing electronic content retrieval with cloud computing is provided. A first request message is received in real-time on the first cloud application stored on the cloud server network device with the one or more processors from a second cloud application. The first request message includes a request for desired cloud electronic content stored in the plural cloud storage objects stored on the selected ones of the plural other different cloud server network devices located on one or more of the networks comprising the cloud communications network. The plural different cloud storage objects function as a single secure storage object for electronic content on the cloud communications network. A cloud content location map is retrieved securely on the first cloud application on the cloud server network device. The cloud content location map includes address locations of the selected ones of the plural other different cloud server network devices on the cloud communications network. The first cloud application on the cloud server network device sends plural second request messages for the desired cloud electronic content to the selected ones of the plural other different cloud server network devices identified in the retrieved cloud content location map and located on one or more of the public communication networks, the one or more private networks, community networks and hybrid networks comprising the cloud communications network. The first cloud application on the first server network device combines the one or more individual components of the desired cloud electronic content from the plural cloud storage objects from the received plural response messages into a final desired electronic cloud content component. The first cloud application on the cloud server network device securely sends in real-time the final desired cloud electronic content component as the request desired cloud electronic content to the target network device via the cloud communications network. The second cloud application on the target network device cannot determine the desired cloud electronic content was split and was stored in plural cloud storage objects and cannot determine which of plural selected ones of the other different cloud server network devices on which ones of the public, private, community or hybrid networks on the cloud communications network may have stored portions of the final desired cloud electronic content, thereby providing a second and/or fourth layer of security and privacy for the desired cloud electronic content on the cloud communications network.

To enable an IOT device such as a car or a robot to access cloud data securely, and to grant access right to agents of the IOT device such as media players in the car, for example, the following methods can be used: A method for accessing data, content, or application stored in a cloud storage, comprising: authorizing a first client device; receiving an authorization request from the first client device; generating an authorization key for accessing the cloud server and storing the key in a blockchain; providing the authorization key to the first client device; receiving the authorization key from an IOT device as a second client device working as an agent of the first client device; granting access to the second client device based on the authorization key; receiving a map of storage locations of cloud objects associated with an application or content, each storage location identified in a blockchain; and reassembling the application or content from the storage locations.

Automatic Execution of Smart Contract

While Ethereum mentions smart contract, it is actually mentioning the use of executable codes on the blockchain. For example, the Ethereum Solidity is a javascript like a language used to code smart contracts on the Ethereum platform. It compiles into a bytecode format that is understood by the Ethereum Virtual machine (EVM). It's a strongly typed language with the ability to define custom data structures. By smart contract, the present system is referring to contracts and agreements that are automatically executed, with conditions and terms similar to a legal contract.

FIG. 1B show an exemplary smart contract specification user interface for a contract to buy a web site while FIG. 13C shows an exemplary UI for an insurance contract. Many different types of contracts are frequently needed to be created by organizations. For example, sell-side contracts may include contracts for selling products (e.g., inventory-based products), services (e.g., warranties), projects (e.g., construction), etc. Other types of contracts may be needed to be created when purchasing products and services. Further, specialized contracts may need to be created for leases, loans, intellectual property acquisition, etc. When authoring contracts, different types of contracts likely require different types of information to be captured. A generic contract authoring tool cannot easily accommodate creation of these different types of contracts in a simple user friendly manner. Embodiments allow a contract administrator to create multiple specialized user interface templates, also referred to as contract templates, or “deal sheet” templates, for many different types of contracts. A template may be based on the type of contract being authored, or be tailored for a particular user role. The system generates a contract template designer user interface that provides the ability to create and modify these templates. The template comprises a plurality of attributes organized in a predetermined and tailored way. The contract administrator may choose to create a template or modify an existing template. Modifying a template involves changing what attributes are included in the template and how they are organized. The contract administrator can include all the attributes that define a certain type of contractual arrangement or a subset of them and organize them in the most logical way. When the template is used for authoring by an end user, the system renders a user interface based on the template to the end user. The user interface rendered to an end user based on the template can be referred to as a “deal sheet”.

The UI can operate with blockchains such as Bitcoin or Ethereum. Rather than have multiple separate silos, a blockchain (in its purest form) can act as a unified database that's accessible (on a read and write basis) by everyone (it is in effect “permissionless”). The ledger stored on a blockchain is shared amongst a distributed network of computers. The use of cryptography enables users to modify the master ledger without the need for a central authority. With a blockchain there is no need for a central trusted authority or for intermediaries. The disintermediation of intermediaries can redefine the value chain in a wide range of industries, from financial services to media, and puts the power and value of data back in the hands of the people creating that data. Blockchains can be public (such as the Bitcoin blockchain or the Ethereum blockchain)—these are effectively permissionless, or they can be private (where access is restricted to a selected group of users). Advantages of the blockchain smart contract may include one or more of the following:

Preferably, the system uses Ethereum which has a complete programming language, sometimes called EtherScript. Since most agreements involve the exchange of economic value, or have economic consequences, categories of public and private law are implemented using Ethereum. An agreement involving transfer of value can be precisely defined and automatically enforced with the same script. FIG. 13C show an exemplary smart contract specification user interface (UI) for a contract to buy a web site while FIG. 13B shows an exemplary UI for an insurance contract. Smart contracts can have scriptable clauses that are executed in a runtime using the Ethereum environment in one example, and can have multiple parties, each with their own agents and asset accounts. Funds transfers go through a controlled interface, with notices and receipts sent to all relevant parties. The script code is unable to manipulate any assets excepting those explicitly declared beforehand on the smart contract, and verified as valid property of a legitimate party to the contract by looking up ownership information in the blockchain, among others. And when funds are moved, it's to a contract-specific name, not an account 10. The smart contract can move_funds( ) between these declared accounts, as its script logic dictates, but it can also stash_funds( ) directly inside the contract itself! For example, during an escrow, funds might be stashed inside the smart contract for 14 or 30 days, and then transferred to one party or another. Scripted clauses can also be configured to trigger on certain events. Variables can be defined in the smart contract, which persist through its entire lifetime. As the smart contract—including its internal state—continues to process over time, receipts will continue to drop into the relevant parties' inboxes, showing the change in state, in those variables, overtime. Smart contract variables can be defined as “Constant” (value cannot change), “Persistent” (value can change, and will persist between script runs), and “Important” (value is persistent, AND any changes in the value will result in server notices being sent to the parties.)

Next, the functionality of system in accordance with one embodiment is detailed when creating a contract/deal sheet template that can be used for authoring a contract. In one embodiment, the functionality of the flow diagram is implemented by software stored in memory and executed by a processor. In other embodiments, the functionality can be performed by hardware, or any combination of hardware and software. To set up, the contract administrator logs onto the template designer application and a previously created contract template designer UI is retrieved to be modified, or a new design is created. In one embodiment, the contract template designer UI is retrieved from database and displayed through an Internet browser to a user at a client computer. The contract template designer UI includes user actions through a UI that allow attributes of the contract template to be customized for a specific type of contract. The system receives user attribute requests from the contract administrator and modifies the contract template accordingly. The attribute requests are generated by the contract administrator through various actions in the designer tool. The modified contract template is stored in data catalog for later use in order to create the contract.

In addition to Ethereum, other blockchain or globally shared, transactional database can be used. To change something in the database, the system creates a transaction which has to be accepted by all others. One embodiment runs on an Ethereum Virtual Machine or EVM as the runtime environment for smart contracts in Ethereum. It is not only sandboxed but actually completely isolated, which means that code running inside the EVM has no access to network, filesystem or other processes. Smart contracts have limited access to other smart contracts. There are two kinds of accounts in Ethereum which share the same address space: External accounts that are controlled by public-private key pairs (i.e. humans) and contract accounts which are controlled by the code stored together with the account. The address of an external account is determined from the public key while the address of a contract is determined at the time the contract is created (it is derived from the creator address and the number of transactions sent from that address, the so-called “nonce”). Every account has a persistent key-value store mapping 256-bit words to 256-bit words called storage. Furthermore, every account has a balance in Ether (such as in “Wei”) which can be modified by sending transactions that include Ether.

FIG. 13D shows another exemplary process executed by the smart contract system. In (20) Buyer requests to obtain the service or item from the service or item provider. In (24) Item provider utilizes the blockchain system described above and generates a cryptographic key pair and in (26) the service or item provider embeds the key data in the service or item. In (28) the service or service or item provider stores the private key in association with an entity credential in the database. In (30) a third party validates the terms of the smart contract with the private key. In (32) the blockchain or shared ledger is analyzed to determine if key data was used and if contractual terms are satisfied according to contract law expert system and if so mark the satisfaction of the contract terms. In (34) the seller/provider is paid based on smart contract and service or item is then made available to the buyer.

FIG. 13E shows one embodiment of a system (100) for monitoring compliance with a smart contract. The system (100) includes a seller, provider or Offeree machine (110), an Offeror machine or buyer (120), and a financial system (130) providing at least one store of value (132). The Offeree machine (110) possesses, controls or otherwise has access to a service, product or item (112) which is to be made available to the Offeror machine upon acceptance (120). In the embodiment of FIG. 13, and primarily for illustrative purposes, the item (112) is a software application and service provider (110) is a software developer. The Offeror machine or buyer (120) has an electronic computing device (122), in this embodiment a desktop computer, by which it is able to communicate with the service or item provider (110). Communications between the service or item provider (110) and the electronic computing device (122) of the authorized entity (120) may be effected by way of any suitable wired or wireless communications channel. In this embodiment, the communications channel is the Internet. The Offeree machine or seller (110) has associated therewith an item receiving module (114) configured to receive the online service (software, music, video, . . . ) or physical item (112) and an embedding module (116) in communication with the item receiving module (114) configured to embed key data (134) in the service or item (112). The key data (134) is associated with the store of value (132) and usable to conduct a transaction against the store of value (132), a record of such a transaction becoming visible in a transaction ledger (140). One of the contracting parties, for example the Offeror machine or buyer (120), has associated therewith a monitoring module (115) configured to monitor the transaction ledger to determine whether a transaction against the store of value has occurred, and a designation module (117) in communication with the monitoring module (115) and configured to designate the item (112) as accessed by a third party in the event that a transaction against the store of value has occurred. A database (118) is operative in association with the item provider (110). The database (118) is configured to store the key data (134) embedded in the service or item (112) or data at least partially derived therefrom in association with an entity credential of the authorized entity (120) which is authorized to possess the service or item (112).

FIG. 13F shows a block diagram (200) that illustrates a method of validating completion of the term of the smart contract, using the system of FIG. 13D. At a first stage (202), the buyer (120) requests to obtain the service or item (112) from the service or item provider (110). For example, the buyer (120) accesses a website of the provider (110) using the electronic computing device (122) and selects a custom app or video, for example, to purchase. The key data (134) which is to be embedded in the service or item (112) is an identifier uniquely associated with the store of value (132). The store of value (132) has a balance of digital currency. The financial system (130) of FIG. 13 is a system for digital currency in the form of a blockchain. In this embodiment, the store of value (132) is a blockchain address. Cryptocurrencies allow digital currency to be transferred between blockchain addresses without an intermediate financial institution or central authority. Exemplary blockchain systems include peer-to-peer, decentralized cryptocurrencies such as Ethereum (ETH), Bitcoin, Litecoin and PPCoin.

In this embodiment, the blockchain address (132) is represented by or derived from a blockchain public key corresponding to a blockchain private key. The public key is used and/or derived to obtain the blockchain address (132), the address (132) having a specific balance of blockchain held therein. At a next stage (204), the item provider (110) utilizes the blockchain system described above and generates a cryptographic key pair, in other words, a private key and a public key associated with a blockchain address (132). In this embodiment, the service or item provider (110) generates the key pair and transfers funds to the blockchain address (132). The private key represents a direct monetary value which can be traded in the blockchain system. In the case where the blockchain is, for example, Bitcoin or another blockchain system using a similar key and address scheme, the blockchain address (132) has a particular balance associated therewith, indicated, for example, as 3.5 BTC or 0.0001 BTC in the case of Bitcoin. At a next stage (206), the service or item provider (110) embeds the key data in the service or item (112) using the embedding module (116). In the embodiment of FIG. 13F, the key data (134) is the private key associated with the blockchain address (132). The service or item receiving module (114) typically receives the media item (112) before the private key (134) is embedded therein, from where it is transferred to the embedding module (116). In this embodiment, the private key (134) is embedded in the media item (112), which is an e-book, as a one-dimensional barcode (113). At a next stage (208), the service or service or item provider (110) stores the private key (134) in association with an entity credential in the database (118), as described above. In this embodiment, the entity credential includes a name, address and contact details of the authorized entity (120). The database (118) therefore acts as a registry of keys, enabling the item provider (110) to keep track of which private keys are associated with which buyer (120). The service or item (112) is then, at a next stage (210), made available to the authorized entity (120). In this embodiment, the authorized entity (120) may typically be able to download the e-book and store it locally or in any physical or cloud-based storage location as desired. At (212) Shared ledger is analyzed to determine if key data was used and if so mark the satisfaction of the contract terms and (214) Seller/provider is paid based on smart contract and service or item (112) is then made available to the buyer (120). Records of all transactions conducted in the financial system (130) are held in the transaction ledger (140). In the embodiment, the transaction ledger (140) is a publicly visible shared transaction ledger. Typically, the shared transaction ledger (140) includes all these transactions as a chain of transaction records or receipts, commonly referred to as a “block chain” in at least one known cryptocurrrency system. These transaction records are signed using both a private key and a public key, the private key being that of a party transferring value and the public key being associated with a receiving address. The shared transaction ledger (140) is typically publicly accessible via a website or other Internet-based platform.

Transaction records are verified by third parties carrying out what is known as “mining blocks”. Exemplary cryptocurrencies which make use of proof-of-work verification schemes, such as Secure Hash Algorithm 256 (SHA-256) or scrypt, are Bitcoin and Litecoin. An exemplary blockchain system employing a combined proof-of-work/proof-of-stake verification scheme is PPCoin. The principles and functioning of such cryptocurrencies having shared transaction ledgers containing transaction records will be well understood by those skilled in the art. Importantly, such a system allows a party having access to a private key or data at least partially derived therefrom to transact against a corresponding blockchain address, in other words, either use the funds linked to the address or transfer the funds to a receiving address. These systems also allow any party to inspect or analyze the shared transaction ledger to determine whether a particular address was transacted against. In the embodiment of FIG. 13F, the monitoring module (115) is used to inspect or analyze the shared transaction ledger (140), for example by using a web-based platform providing at least some of the transaction records, as illustrated in FIG. 13, whereby transaction records in the shared transaction ledger (140) can be accessed.

The buyer is therefore provided with a service or item which has a reliable handle to a store of value embedded therein. Should the private key (134) not be read from the media item and used to transact against the blockchain address, the funds stored therein remain untouched and the buyer either retains a deposit or token amount or is not held accountable and/or liable for the work done by the provider or seller (110).

However, if the service or item (112) is checked by a third party, leading to the private key (134) being read from the service or item (112) and used to transact in the blockchain system, some or all of the funds may be spent as part of the transaction verification overhead to one or both of the buyer (120) and the seller/provider (110). Furthermore, the transaction is visible in the shared transaction ledger (140), making the possibly fraudulent activity immediately or relatively quickly traceable. Upon verification, the payment for the completion of the contract term is automatically processed by the smart contract.

The flow diagram (300) of FIG. 13F illustrates a sequence of steps whereby a completed contract term is verified. At a first stage (302), the buyer (120) makes an offer to buy under specific criteria services or items (112). At a next stage (304), a third party verifier (301) reviews the service or item (112) and reads the private key (134) from the media item (112). In the example of an application or a custom video embedded with key data by way of a barcode described with reference to FIG. 13, the third party (301) may use a barcode-reading technique to obtain the private key (134) which is embedded in the e-book.

The private key may be readable from the service or item by any third party that accesses the item either directly or using a software tool. The software tool may, for example, be a publicly available software tool. The third party (301) verifies that the requirements for the term of the contract are satisfied and then, at a next stage (306), utilizes the blockchain system to move funds from the blockchain address (132) corresponding to the private key (134) to a desired address, or spends all or some of the funds in any other way.

Use of the private key (134), which serves as or may be derived from the key data uniquely associating the authorized entity (120) with the service or item (112), may typically include use of the private key (134) and a receiving public key to conduct a blockchain transaction against the blockchain address (132) in favor of a receiving blockchain address. Such a transaction may involve transferring at least some of a balance of blockchain held at the blockchain address (132) to a second, receiving blockchain address represented by or derived at least partially from a second, receiving blockchain public key.

After the third party (301) has conducted the above transaction, at a next stage (308), a record of the transaction becomes visible in the shared transaction ledger (140) or “block chain”. The service or item provider (110) or any other party fulfilling this function analyses the shared transaction ledger (140) at a next stage (310) to determine whether the private key (134) was used to conduct a transaction. In this case, due to the transaction conducted by the third party (301), the shared transaction ledger (140) indicates, at a next stage (312), that the blockchain address (132) was transacted against and therefore that the private key (134) was used after validating the terms of the smart contract.

The service/item provider (110), at a final stage (314), in response to determining that a transaction was conducted against the store of value using the identifier which was embedded in the service or item (112), updates the database (118) to indicate that the identifier was used to transact against the value store, in other words, that the private key (134) was used as payment for validating satisfaction of contractual term(s). This prompts the item provider (110) or other party managing the monitoring of the shared transaction ledger (140) to designate the item (112) terms as satisfactorily verified by a third party.

The transaction record in the shared transaction ledger (140) may be used by the item provider (IID), or, of course, by any entity or agent monitoring the shared transaction ledger (140) on behalf of the item provider (IID), to extract, obtain or derive the private key (134), public key or simply the blockchain address. The obtained information is matched with the key data stored in the database (118) in association with the entity credential. In this way, the authorized entity (120) may be unambiguously identified and the item provider (110) is able to obtain payment pursuant to the smart contract.

A further example of an embedding technique is natural language watermarking or natural language morphology, whereby, for example, sentence construction of a document may be watermarked. In one example, the structure of one or more sentence constituents in a natural language text may be used to insert a watermark into a document.

Preferably, the key data is embedded using a robust technique, which makes it relatively easy to read or derive the private key, while completely removing, obscuring or obliterating the key data from the service or item is made comparatively difficult. In some embodiments, removing the key data from the service or item destroys the item, makes the value associated with the blockchain address unusable, materially alters the item's content or makes it subsequently unusable.

In cases where more than one different private key is embedded in the service or item, each private key corresponds to a separate blockchain address having a balance of blockchain. Alternatively, a single private key embedded in the service or item may be associated with a plurality of blockchain addresses in the database, the authorized entity typically being held liable for funds held in one or more of the plurality of addresses.

It is foreseen that the service or item provider may have management software used for any one or more of the following functions: to receive the service or item using the service or item receiving module, to generate the necessary cryptographic key pairs, to store keys in association with entity credentials, to embed private keys in service or items using the embedding module, to distribute or otherwise allow entities to obtain requested items, to monitor the shared transaction ledger using the monitoring module, and to use the designation module to designate a service or item as accessed by a third party in the event that a transaction against a particular blockchain address becomes visible in the shared transaction ledger. Designating a service or item as accessed by a third party may refer to any action taken an entity to confirm or establish that the key data embedded in the service or item was compromised and used to transact against the relevant blockchain address.

The blockchain address may be controlled and/or managed by any party capable of monitoring the transaction ledger to determine whether a transaction against the store of value has occurred. The party may typically be an individual having ownership or control of the service or item, a group having ownership or control of the service or item, the authorized entity itself, the service or item provider as described above, or a third party associated with the service or item provider.

It should specifically be noted that the blockchain address may be controlled and/or managed by a third party embedding service provider. In such cases, one or more of the service or item receiving module, the embedding module, the monitoring module, the designation module and the database may be associated with the embedding service provider such that the embedding service provider is capable of embedding the key data in the service or item on behalf of the service or item provider and performing one or more of the further functions associated with the modules mentioned and the database.

The service or item may be embedded with the key data by the embedding service provider on behalf of the authorized entity. In such cases, embedding the service or item with the identifier and/or the managing of blockchain addresses and keys are outsourced to and carried out by an external service provider.

It should be appreciated that the entity controlling and/or managing the blockchain address may elect to change the balance of blockchain stored at the blockchain address by conducting transactions against the address to increase or decrease its value. Such action may be taken, for example, in response to the service or item becoming compromised or to create a reward or incentive for finding the service or item and/or the key data embedded therein.

It should be appreciated that the service or item may have various formats and is not limited to the transfer of a file or document. In one example, the authorized entity may select media content to stream or video content to download to a personal device.

In addition to the use of a blockchain system, any suitable conventional payment systems and channels may be employed to purchase, rent or otherwise transact to obtain the service or item. Alternatively, no conventional payment may be required.

In the embodiment of FIG. 13F, the blockchain address is controlled and managed by the service or item provider. The service or item provider then generates the key pair and transfers funds to the blockchain address.

Alternatively, the blockchain address may be associated with a key pair of the authorized entity, the authorized entity providing the service or item provider with the private key to enable the service or item provider to uniquely identify transactions conducted against the blockchain address. The authorized entity may have generated the key pair, provides the private key to the service or item provider, and the service or item provider transfers funds to the blockchain address. In a further embodiment, the authorized entity, after generating the blockchain address and transferring funds to the blockchain address, provides the private key to the service or item provider.

In an exemplary blockchain system, Bitcoin, the blockchain address is a 160-bit hash of the public portion of a public/private Elliptic Curve Digital Signature Algorithm (ECDSA) keypair. In at least one known blockchain system, the blockchain address is therefore algorithmically converted from a public key. However, it should be appreciated that the blockchain address may be the public key itself, or any other identifier derived at least partially from the public key. The blockchain address and public key may thus comprise different values or strings of characters that are uniquely associated with each other such that the private key remains unambiguously linked to the blockchain address. The system is not limited to one or more particular blockchain systems, as will be apparent to those skilled in the art.

In embodiments of the system, the balance associated with the blockchain address may be less than an inherent value of the service or item. The service or item may be made available to the authorized entity permanently. This may typically be the case for physical or biological items or media items such as, among others, music files, software and electronic books. If the service or item is made available to the authorized entity permanently, the authorized entity may be held liable for unauthorized distribution of the service or item at any time after the service or item is made available to the authorized entity.

Alternatively, the service or item may be made available for a predefined period of time or until a predefined condition is met. For example, the service or item may be streaming media, in which case the authorized entity is only held liable for compromising the private key embedded in the media during a specific timeframe, for example, until streaming has ended. A predefined condition which lifts accountability and/or liability from the authorized entity may be returning of the service or item to the service or item provider. Alternatively, the service or item provider may monitor the shared transaction ledger for a period of time to determine whether the blockchain address is transacted against before liability is lifted. Alternatively, the authorized entity may be held liable.

In one embodiment for corporate management, the blockchain comprises code for storing a stock identifier (ID), a stock certificate number with stock quantity. Other embodiments may include:

code to determine a share registry or a capitalization table from each stock certificate number and stock quantity,

code to distribute shareholder communication from a share registry or a capitalization table,

code to collect secure shareholder votes from a share registry or a capitalization table for transparent corporate governance,

code to provide financial information to shareholder a share registry or a capitalization table for corporate governance, or

code to enforce majority or supermajority shareholder votes from a share registry or a capitalization table for corporate governance.

Stock trading settlements are nearly instantaneous because cryptographic currency transactions are independently and extemporaneously generated, verified, and executed within the network, without the risks associated with traditional clearing houses that can delay settlements for several days.

The system can be used for political voting as well. In the corporate shareholder example above, the shareholder is authenticated by virtue of her security transactions. However, for political voting, this option is not available and in one example, at the start of the voting process, the voter's identity has been verified and the voter is allowed to vote under whichever laws apply in the jurisdiction. The voter is issued a private key. This private key may be issued as a barcode printed on a piece of paper or another physical medium, a private key printed as a barcode on a physical ballot, or on an electronic medium such as a USB storage device, RFID device, or other computer readable medium. The private key is received at the voting machine. If the private key is a barcode it is received through a scanner on the voting machine. If the private key is on an electronic storage medium, it is received through whatever means is appropriate for the electronic storage medium. The validity of the private key is verified and the voting machine checks to make sure the private key was issued through the proper authority, and has not yet been used. The voting machine receives votes from the voter, this is done electronically through a graphical interface of the voting machine, or by scanning a physical ballot through the voting machine's scanner. The votes are then stored on the blockchain. According to one embodiment, this involves storing the public key to uniquely identify the voter and the electronic identifiers of the candidates or local issue that the voter voted for. Typically the electronic identifiers of the candidates will also be public keys, but any identifier could be used to uniquely identify which candidates the voter voted for. The voting data is digitally signed using the voter's private key and the voting data is broadcast to the distributed network. Once the voting data is available to the distributed network, one or more of the voting machines that act as nodes on the distributed network can try to solve for the next block with the voting data included in the payload of the voting block.

According to an embodiment, the voting system combines three different security systems, of which none can be compromised or disabled in the same way. The three systems are (a) a physical record through paper or other hard copy version of a voting ballot, (b) a cloud based protection which would use a computer interface and the internet to transfer results taken after the scanning of special, one-use-only ballots and offload them onto a cloud storage, and (c) storage on a customized blockchain or blockchain type apparatus. Results would be stored in each of these three media. However, vote counting should be done using the two computer media for the sake of timeliness. The paper record preservation can assist in auditing the vote and other records.

FIG. 13G is a diagram 320 depicting an example transaction message 322. Transaction messages 322 are used by the system for changing Blockchain token 329 ownership. A transaction message 322 includes a transaction 303 and the sender's digital signature 332 of the transaction 323. The transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., a stock ID 328 and its position 326), past ownership information 331 (if any), and optional other information 310 (e.g., a market order type to indicate whether the transaction is to buy or sell a Blockchain token 329). The transaction 323 is digitally signed by the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 owner.

The above system can determine trade settlement automatically for stock. However, the same arrangement can be used for commodities such as for trading sugar, vegetable, among others. For commodities, in place of the corporate governance information, information on location of manufacturing and supply chain is encoded to assure that the commodity is coming from where it is represented. For example, a buyer may specify that the electricity is coming only from solar energy, or that a fruit is coming only from a tropical region, or a diamond is from a particular location and not unethically procured, for example. In this embodiment, the transaction message 322 includes the transaction 303 for a product and the sender's digital signature 332 of the transaction 323. The transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., the item ID 328 and the buy/sell position 326), past ownership information 331 (if any), and optional other information 310 (e.g., a market order type to indicate whether the transaction is to buy or sell a Blockchain token 329). The transaction 323 is digitally signed by the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 owner. Location, temperature, shock, and tamper proof data can be stored in 328. One exemplary embodiment includes an application that can be downloaded to a device with location information such as a computer or a smart phone with GPS system. In one embodiment, a trusted person with a smart phone/computer physically inspect a manufacturing station or area inside a manufacturing and creates a first blockchain record with the current local position inside the manufacturing facility. The trusted person has a credential which is recorded in the first blockchain record, and all items being manufactured and passing through the station or area chain back to the first blockchain. The trusted person then repeats this process for each manufacturing station/area in the facility, and each item manufactured by the facility can be completely tracked through each manufacturing station or area using the blockchains. The system provides full “chains of custody” that tell the stories of products and provides a centralized system with a governing third party was, until recently, the only conceivable way to achieve data and transaction transparency along supply chains. The global peer-to-peer network is an open platform that can deliver neutrality, reliability and security. The blockchains are auditable. Each individual operation or interaction, such as the provision of a new employee or the recording of outgoing stock, is perfectly recorded and archived. Auditing is thus as simple as joining the blockchain network, as this allows one to “replay” the operations of the past in order to reconstruct the history of the item from birth to the present. Combined with the absolute guarantees of authenticity for every interaction, strong and agile data systems can be facilitated that are at their core resilient to coercion and human factors. With blockchains, data can be accessed and verified by everyone, rather than solely by the original certifier.

The system enables the physical goods and materials to be identified and linked with their digital representation on the blockchain (e.g., serial numbers, bar codes, digital tags like RFID and NFC, genetic tags) is crucial in uniquely identifying a physical good with its digital counterpart. At Provenance we are exploring many new and existing technologies; an overview of recent technologies can be found here. Identities are recorded in production and manufacturing programs, and for simplicity and easy adoption we expect them to take the form of existing barcodes and serial numbers which are linked to blockchain identifiers using a secure hash.

User-facing applications facilitate access to the blockchain. The final owner of the product has access to secure information about the product's supply chain, without having access to identification details. The final owner of the product has access to secure information about the product's supply chain, without having access to identification details.

By design, every transaction along a supply chain on the blockchain is fully auditable. By inspecting the blockchain, smartphone applications can aggregate and display information to customers in a real-time manner; furthermore, due to the strong integrity properties of the blockchain, this information can be genuinely trusted. A user interface sheds light on the digital journey of a product can empower better purchases by giving users a true choice that they can exercise. There are substantial broad effects of bringing near-frictionless transparency to consumer purchase decisions and product identity; clearly there is likely to be an additional “virtuous” component in purchase decisions, especially among mid-level purchases where a marginal increase of 20% to the price does not affect the willingness to buy. Additional levels of guarantee over genuine articles is a high-value use case. While an initial introduction of this technology may be in the form of a discrete and removable label, easily verified through a smartphone-readable QR-code, a more progressive possibility would be a conspicuous hologramatic or RFID tag, embedded in the brand label, allowing the owner to prove the authenticity of the product at any time by accessing the data on the blockchain through the tag.

In the system, everyone has a profile accessible with a private key. Profiles can be public or private depending on use case and permissions. Some are rich with information, whilst others simply contain an anonymous ID. The system supports the registration of named participants (i.e. certifiers, auditors, producers, and manufacturers). Such participants may request registration of their digital identity which links their real-world identity with their blockchain-based digital identity, thus allowing them to interact with the blockchain using their real-world identity. Upon request, the registration authority verifies their identity and records the result in the blockchain, available for all to inspect.

These programs represent the implementation of schemes for proper recognition of a standard (e.g. no animal testing, biodynamic, fair labor). Through these programs, standards organizations provide for the creation of compliant production or manufacturing programs (see below), allowing instances or batches of goods and materials to be added to or processed on the blockchain. Such producers or manufacturers may require inspection by a certifier or auditor of their facilities and processes to be able to obtain and operate a certified program. Successful verification results in the deployment of a production or manufacturing program that is both registered with the certification program and authenticated by an auditor, and allows a producer to create the digitally tradeable equivalent of a good (i.e., a token that shadows the real-world material or product).

In an implementation, a circuit can be associated with a manufactured item and/or a component of the item (an “object”). The circuit can be associated with the item or component by inserting it, affixing it (e.g., with glue), incorporating it as a part of a 3D printing fabrication, or in any other way to associate the circuit. In an implementation, the chip is associated with the object in a tamper-resistant way. That is, if an unauthorized attempt is made to alter the circuit, the circuit can render itself non-functional or change its behavior to indicate that it may not be reliable.

In an implementation, the circuit contains a code that can indicate a particular one or more of a geographic location, a specific manufacturing facility, a specific manufacturer, the identity of a worker, a time reference indicating the date and/or time at which the circuit was activated or associated with the object and any other information that would be useful in establishing the provenance of the object and the compliance of the manufacturer or assembler with relevant rules, regulations and laws (“manufacturing data”). The data encoded in the circuit can be cryptographically protected. For example, the data can be encrypted using a symmetric or asymmetric key using any suitable cryptographic protocol known in the art.

The label is associated with an object, such as on the object or on packaging of the object. The label can include one or more elements of manufacturing data, such as the purported location(s) of manufacture and/or assembly. The one or more circuits can be read for some or all of the data they contain. The label manufacturing data can be compared to the label manufacturing data. An implementation can indicate if there is a match between the label and manufacturing data. An implementation can indicate any and all differences between the label and manufacturing data. An implementation can automatically send a message to a regulatory or other authority if a difference is detected. The message can include elements such as a product name, a product retailer, a product manufacturer, a product serial number, etc. and indications of the discrepancies between the label data and the manufacturing data.

For wide ranging manufacturing processes taking multiple GPS coordinates, the computer or phone has an application with a GPS sending/receiving module to obtain GPS coordinates of the smart phone or computer with a GPS device. For example, the computer or phone I may receive satellite location data, signal time of flight data, etc. The app includes a GPS sending receiving module that may transmit a request for satellite position data in some instances. In some configurations, the GPS sending/receiving module may be utilized to obtain or receive a geo-fence. The geo-fence may indicate the boundaries of the factories or it may represent a predefined area around and including the smart phone.

The app can read the tag ID and associate manufacturing information including geolocation with a blockchain entry. This is done for each stage of manufacturing and also for each shipping transit points until the retailer point. Upon purchase, the buyer can inspect the chain of manufacturing and shipping logistics to verify authenticity. Moreover, when the buyer sells the item as a used good, the transaction is also recorded to the blockchain, and eventually when the item is stripped for parts, the sale of the parts associated with the item is also recorded on the blockchain, thus effecting birth-to-end tracking of the item. Information from the producer is securely cascaded to the manufacturer on receipt. These programs implement the transformation of input goods from production into output goods. Much as with production programs, once deployed by the certifier the programs are operated by manufacturers, but with one additional constraint: input goods must be “used” for any output to be created, just as in the physical world. For example, the registration of a certain amount of organic cotton fabric requires as input the appropriate amount of raw organic cotton, and after this usage the raw organic cotton should no longer be usable. Because of its auditability, the blockchain provides the same cast-iron guarantee as in the physical world; namely, that creation of an output good can happen if and only if the required input is used.

By design, every transaction along a supply chain on the blockchain is fully auditable. By inspecting the blockchain, smartphone applications can aggregate and display information to customers in a real-time manner; furthermore, due to the strong integrity properties of the blockchain, this information can be genuinely trusted. A thoughtful user interface that sheds light on the digital journey of a product can empower better purchases by giving users a true choice that they can exercise.

The success of the system relies on the registration of identities and recording of transactions and information. This enables actors on the supply chain to carry and prove the defining attributes of their material products to any actor further along the chain. Certain users, however, might be concerned about their privacy or the privacy of their suppliers further up the chain. Identities can be protected in a blockchain-based system, while still transferring other salient information. For example, manufacturers in the middle of the supply chain can securely pass a certificate with full authenticity downstream while keeping their identity private. For customers, the described system provides the ability to check important attributes of purchased goods without necessarily seeing the full intricacies of the supply chain that created them. The system also allows for the trusted proof of ownership thanks to Public-Private Key Infrastructure (see box) without revealing their identity of owners to the system. In fact, customers can even use the system to sell a good on a secondary market, allowing the chain to continue post sale throughout the product lifecycle.

Implementations of the application can store location and other data so that a user (such as a retailer, a distributor, a consumer, etc.) can know that if an item is actually produced at a factory at which it is purported to be made, along with the transportation paths and environmental conditions associates with the item in an authenticated manner. A website may be provided to the user (e.g., a consumer). In some instances, access to the website may be configured and/or maintained by the retailer or manufacturer. The website may be accessible to a consumer when, for example, the consumer scans a label on the item. The scan may launch a web browser and load the website on the consumer's electronic device such as a smartphone. The consumer may be able to view information about the location of the one or more factories that made or were involved in the production of the item to which the label is attached and the trips made by the item and environmental conditions (temperature, shock, etc) before it got to the consumer. The consumer may view, for example, pictures of the factory, data about the factory (e.g., wage information, carbon footprint, size of the factory, inspection data, social compliance data, regulatory violations if any, etc.). The data about the may be provided as audited data and unaudited data. Audited data may refer to data that may be validated by a secondary authority (e.g., the retailer). Unaudited information may refer to user-provided commentary or data (e.g., pictures, videos, news articles).

A retailer may contract with a manufacturer to create an item (e.g., smartphone or garment) at a first location. As disclosed herein, a circuit useful for associating a location with a component or an item of which the component is a part may be included (e.g., inserted, affixed to, etc.) in the component. A location associated with the circuit may be received and/or obtained. In some configurations, where the manufacture involves multiple steps, it may be desirable to obtain a location at each step of the process. The location data may be associated with a time reference each time it is obtained and/or received. Additional data may also be associated with the location data (e.g., the step in the process to be associated with the location data, name of individual overseeing the step in the process, etc.). The additional data may be automatically entered or user entered. For example, the cutting of fabric to make a garment may be performed by a mechanical device. The device may obtain, enter, and/or receive the location data from the circuit and store, upload, enter, etc. that the location data at the time of the cutting process corresponds to that process. After the item is manufactured, it may be packaged. A label may be affixed, printed, obtained, etc. and associated with the package. The label may correspond to a second location. The label location data may be compared to the circuit location data to validate that the item was made and packaged at the same factory or location. In some configurations, the label may be associated with the item at a time prior to packaging the item or subsequent to packaging the item (e.g., during invoicing). A retailer may access the location data obtained from the circuit and/or the label to verify the manufacture of the item. In some configurations, the retailer may expose the data and/or allow access to the data by a consumer of the item.

Birth Certificate or Forms of ID

In one embodiment, the first blockchain is created when a baby is born and subsequent medical events are appended to the blockchain. A birth registration application can be installed on a smart device, such as a smart-phone, having location detection function with an image of the baby as encoded in a blockchain. Using such an application allows the birthing attendant and/or birth parents to generate a permanent birth registration report. The location of the user is verified, based on a second location detection method, using the computerized device. A blockchain hash or security key is established with a registration authority according to the location, using the computerized device. A picture of a newborn child at birth is obtained, using the computerized device. Instruction on birth registration requirements according to the location are provided, using the computerized device. A birth registration report is generated in compliance with the birth registration requirements according to the location, using the computerized device. The birth registration report comprises identification of the location, a picture of the newborn child, a hand print (including fingerprints), a foot print (including toe prints) and a time stamp that identifies a time and date of the birth. The birth registration report is encrypted according to the security key, using the computerized device. The security key prevents altering the birth registration report. The birth registration report is transmitted using the blockchain in encrypted format to a registrar of birth records for the location, using the computerized device. The birth registration report is stored in encrypted format on the computerized device.

According to a handheld device for registering a birth, a camera is operatively connected to the handheld device. The camera takes a picture of a newborn child at birth. The camera can be used to scan the hand and the foot to create handprints, footprints, fingerprints, among others. A communication device is operatively connected to the handheld device. A processor is operatively connected to the camera and the communication device. The processor establishes a location of a user of the handheld device using a first method. The processor verifies the location of the user of the handheld device using a second method. The processor provides instruction to the user on birth registration requirements according to the location. The processor establishes a blockchain security key with a registration authority according to the location. The processor generates a registration report in compliance with the birth registration requirements according to the location. The registration report comprises the location, the picture of the newborn child, and a time stamp that identifies a time and date of the birth. The processor encrypts the birth registration report according to the security key. The security key prevents altering the birth registration report. The processor transmits the birth registration report in encrypted format to the registration authority, using the communication device. The processor stores the birth registration report in encrypted format on the handheld device.

According to a computer program product for enabling a smart-phone for registering a birth, the computer program product comprises a tangible computer readable storage medium having program code embodied therewith. The program code is readable and executable by a computer to provide an application to the smart-phone to enable the smart-phone to perform a method. According to the method, a location of the smart-phone is determined, based on a first location detection method. The location of the smart-phone is verified, based on a second location detection method. Instruction on birth registration requirements according to the location is provided. A security key is established with a registration authority according to the location. A picture of a newborn child at birth is obtained, using a camera application of the smart-phone. A birth registration report is generated in compliance with registration requirements according to the location. The birth registration report comprises the location, the picture of the newborn child, a time stamp that identifies a time and date of the birth and a blockchain reference with a private key. The birth registration report is encrypted according to the security key. The blockchain and security key prevents altering the birth registration report. The birth registration report is transmitted in blockchain format to the registration authority.

A country's political constitution or founding charter generally determines who is a national of that country, who is an alien, and how nationality can be acquired or lost. Some Governments follow the principle of jus soli, whereby those born within the country's territory are nationals, even if one or both parents came originally from another country. In such a case, birth registration gives the child automatic right to citizenship of the country in which he or she was born. By enabling birth registration capability in a smart device, the physical barriers to registration can be removed. Such capability should capture a greater number of unregistered births. According to devices and methods herein, this solution would reach remote areas of the global population where childbirth education may not be available. Details of data required for registration can be associated with the location obtained by the GPS in order to determine required country-to-country information. While the information shown in a birth record and on a birth certificate may vary from country to country, the names of the child, the parents, the attending physician, midwife, birth attendant, or other witnesses are generally included, together with the date and place of birth, and the name and signature of the registrar. Other information may include the age of the mother and the child's height, weight and gestational age. Ensuring the rights to a name and nationality and to know one's parents implies that registration should, as a minimum, include the child's name, gender, date, and place of birth, and the name, address, and nationality of both parents. Some countries, such as Qater, require additional information on the certificate, such as immunization status, and issue an immunization card along with the birth registration certificate. In the United States, for example, birth registration may also include application for a Social Security number. While a person's name may be their most distinctive indication of individuality—a right recognized in the CRC—additional data, such as family ties and nationality, promote the child's right to legal protection by parents and by the state.

The birth registration app according to devices and methods herein allows the birthing attendant and/or birth parents to:

-   -   a. Record, using GPS, the place and time of delivery.     -   b. Using the smart device camera, obtain a visual image of the         newborn child as supporting documentation and generate features         based on face recognition of the child and store the features as         blockchain data.     -   c. Using the smart device microphone, record the cry/voiceprint         of the newborn child as blockchain data.     -   d. Register the birth of the newborn child in compliance with         the birth country's requirement.     -   e. Sign the registration with a private key and upload to the         blockchain or a decentralized ledger to prevent subsequent         alteration of the registration.     -   f. Provide a unique ID pointing to birth registration on the         block chain.

Citizenship, ID or Credit History Identification

The above system to produce a digital birth certificate can also be used to provide a digital driver's license, passport, Social Security card, credit cards, or other identification information to clearly establish the identity of the individual.

The need for some form of personal documentation is a constant of daily life in most modern societies. Depending on the prevailing administrative arrangements, establishing one's identity may be essential for a wide range of activities, including the registration of births and deaths, contracting marriage, obtaining employment, housing, hospital care or rations, qualifying for social benefits, entering educational institutions, or requesting the issuance of official documents and permits. To meet these needs, as well as for reasons of public order, many countries have established a system of national identity cards. Such cards, besides identifying the holder, can also serve as evidence of civil status and of nationality. In virtually all countries, lawfully resident aliens also receive some kind of residence permit which may at the same time serve as an identity document. In one aspect, the invention applies the blockchain birth certificate as proof of citizenship, and the blockchain can follow the person from birth through his/her life to establish identity for voting, government benefits (social security, medicare, state college admission, etc) or for credit rating purposes, among others. The blockchain is subsequently supplemented with a history of payment of utility bills, mortgage statements, credit reports, credit card bills, a verified statement from a government official such as a police officer, judge, or other individual that establishes the identity and indicates the stability of the individual and that individual's presence in a predetermined location for a period of time.

Due to the circumstances in which they are sometimes forced to leave their home country, refugees are perhaps more likely than other aliens to find themselves without identity documents. Moreover, while other aliens can turn to the authorities of their country of origin for help in obtaining documents, refugees do not have this option and are therefore dependent upon the authorities of their country of refuge. The blockchain authentication of the refugee enables an official examining the blockchain identity data to be satisfied that the data is authentic and also that the person using the document is in fact the person to whom it was issued.

One embodiment used three different ways of identifying each person:

microchip in a license/badge the person carries

digital fingerprint using blockchain

video image.

Each person also had the fingerprint electronically scanned into the system. This was recorded against their ID blockchain as a backup. If a refugee cut off their wristband, they can be finger scanned again to check who they were. Also, if anything really important was supposed to happen with one of the refugees, the authority can double check the microchip and the fingerprint to make sure they had the right person. Video image is used to check someone's identity by comparing their face with the video image. In one embodiment, biometric data can be included in the blockchain. In this system, an entire immediate family history of DNA data is included in birth certificate blockchain and provides access for any future needs.

In one embodiment, a permissioned blockchain is used where predetermined trusted parties are authorized to initiate individuals or organizations onto the blockchain and thus vouched for by a trusted point, such as a government license issuer (dept of public safety or the social security administration, . . . ), a professional licensing authority (bar association or a pharmacy licensing board, for example), an identity provider, a bank, or other organization with whom they already have a trusted relationship. Individuals can initiate their own identity if they wish. Once an initial identity record has been established, an identity owner can add additional identity “claims” (attributes, identity transactions, identity proofs) to their identity. Only the identity owner can see and manage this data.

When an identity owner wants to use their identity, they will be asked for some information by a relying party; examples might include name, address and date of birth. The identity owner will find those entries in their identity which match the requirements of the relying party, and then give the relying party access to those records. The relying party will be able to, with the identity owner's permission, verify the issuer of the identity data which the issuer will have digitally signed. When data is shared in this way, a consent record is written to the identity owner's and relying party's identity records to confirm that the data has been shared, by whom, to whom, for what reason, and with what constraints. All decisions about trust in an identity record depend on trust relationships between the parties reading and writing the records. Each relying party will be able to verify the issuer of a claim, e.g., doctor's association, driving license issuer, bank, insurance company, etc. and also that the claim has not changed since writing. So each relying party can determine if the claim issuer is one they can trust. A community of relying parties (e.g., banks, insurance companies, universities, government agencies) can define a trust framework that will define the rules for verifying a claim or credential to a certain level of assurance (LOA), and then issuers operating under that trust framework can indicate the LOA that applies when they write a claim to the ledger. Every claim (credentials/attributes) can be revoked by the issuer. The form revocation takes depends on the type of credential and privacy requirements. A key revocation is recorded on the ledger. The revoked key is superseded by an updated value, and no subsequent misuse is possible.

Different from Bitcoin or Ethereum which uses one identifier in multiple places, the one identifier can be correlated by different vendors and the correlation can be used to amass data about the user without permission. For example, the web visits, facebook likes, and google searches can be combined to provide exacting information about the user. To avoid correlation, the system provides user with different identifier for each vendor, and each identifier is a public-private key pair, where the user only shares the public key or the verification key. Thus, different identifier/key pairs are used for banks, schools, government applications, associations, among others. The pairs are carried in the user's wallet.

The system also supports claims-based identity where the identity owner makes a statement about itself to another entity. Claims can be issued by one identity owner to a second identity owner and then presented to a third identity owner in a way that they can be cryptographically verified. One embodiment uses the w3C Verifiable Claims Task Force at https://www.w3.org/Payments/IG/wiki/Main_Page/ProposalsQ42015/VerifiableClaimsTaskForce, the content of which is incorporated by reference. In one embodiment, the claims can be cleartext, encrypted, hash signature, proof of existence, or anonymous credential type of claim. Cleartext claims are directly readable, with no hashing or encryption. Public cleartext claims are intended for public identities with no expectation of privacy such as public records of ownership that can be fully verified, for example. Encrypted claims contain an encrypted version of a cleartext claim. Hash signature claims contain a specially encrypted tree of cleartext claims, where the identity owner can selectively reveal specific claims to specific relying parties. Proof of existence claims (aka POE claims or hash claims) are simply hashes of digital objects that enable an identity owner to prove that a digital object existed at a point in time. POE claims are especially useful for proving consent as required under privacy regulations. Anonymous credentials transmit claims information without actually containing either a cleartext or encrypted version of the claims data. Rather they are a cryptographic method of providing a proof about a claim. For example, an anonymous credential is a proof of age (i.e., “over 18”) that does not reveal the actual birthdate. With claims, the user can claim a relationship with a trusted party such as a school and once verified by the school, the relationship is stored as part of identity. In another example, the user can claim to be a licensed doctor from a particular state licensing authority (as a trusted party) and once validated by the licensing authority, such status becomes part of the user's identity. The user can provide just the information required. For example, in a bar, if checked, the user can provide a response that he or she is over 18 as a claim without exposing birthdate and driver license information.

Medical History

The above permissioned blockchain can be used to share sensitive medical data with different authorized institutions. The institutions are trusted parties and vouched for by the trusted pont. A Patient-Provider Relationship (PPR) Smart Contract is issued when one node from a trusted institution stores and manages medical records for the patient. The PPR defines an assortment of data pointers and associated access permissions that identify the records held by the care provider. Each pointer consists of a query string that, when executed on the provider's database, returns a subset of patient data. The query string is affixed with the hash of this data subset, to guarantee that data have not been altered at the source. Additional information indicates where the provider's database can be accessed in the network, i.e. hostname and port in a standard network topology. The data queries and their associated information are crafted by the care provider and modified when new records are added. To enable patients to share records with others, a dictionary implementation (hash table) maps viewers' addresses to a list of additional query strings. Each string can specify a portion of the patient's data to which the third party viewer is allowed access. For SQL data queries, a provider references the patient's data with a SELECT query on the patient's address. For patients uses an interface that allows them to check off fields they wish to share through a graphical interface. The system formulates the appropriate SQL queries and uploads them to the PPR on the blockchain.

In one embodiment, the transaction 303 includes the recipient's address 324 (e.g., a hash value based on the receiver's public key), the Blockchain token 309 (i.e., a patient ID 328 and personally identifiable information such as Social Security 326), past medical institution relationship information 331 (if any), and optional other information 310. The transaction 323 is digitally signed by the patient who is the sender's private key to create a digital signature 332 for verifying the sender's identity to the network nodes. The network nodes decrypt the digital signature 332, via the sender's previously exchanged public key, and compare the unencrypted information to the transaction 323. If they match, the sender's authenticity is verified and, after a proper chain of ownership is verified via the ledgers (as explained above), the receiver is recorded in the ledgers as the new Blockchain token 329 authorized owner of the medical information. Block 328 of FIG. 13G can point to off-chain storage warehouses containing the patient's medical history so that the current owner (or all prior owners) can access the patient medical information for treatment. Further, the information can be segmented according to need. This way, if a medication such as Cannabis that requires the patient to be an adult, the system can be queried only to the information needed (such as is this patient an adult) and the system can respond only as to the query and there is no need to send other question (in the adult age example, the system replies only adult or not and does not send the birthday to the inquiring system).

FIGS. 13J-13N show exemplary chain of custody (CCC) and supply chain tracking system of drugs such as Cannabis. FIG. 13J-13K illustrate one embodiment for general network system architecture of the CCC management system, whereas FIGS. 13L-N show exemplary smart phone tagging system where pictures are taken at each stage of plant growth and processor and the pictures are immutably supplemented with personally identifiable information such as plant GPS location, temperature, humidity, and soil condition. At every stage, the signature and the ID of the person taking the image and the authentication of the person is also added to the image. Here, the CCC system can include one or more central databases, repositories, or servers 6100 in bi-directional communication over a network with one or more of government or regulatory agencies 6130; manufacturer, grower, harvester, processor, wholesaler 6110; distributor, commercial entity, merchant, third party 120. Here, each of parties 6110, 6120, and 6130 may be one or more of servers, databases, networks, computing devices, among others. Further, it is contemplated within the scope of the disclosure described herein that there may be any number of other entities that may communicate with central server 100. In addition, tag/identification smart phones 6200, 6202, 6204, 6206, 6208, and 6210 can also communicate bi-directionally with central server 6100. Here, smart phones 6200-6210 operate to detect, read, decode, sense, or scan identification, tag, code, encoded data from one or more of tagged Cannabis items or products 6300, which will later be described in detail within this disclosure. The smart phones 6200-6210 can transmit the tagged data to the central server 6100 and/or to one or more of entities 6110, 6120, and 6130. In addition, any of entities 6110, 6120, 6130, or server 6100 may control or manage smart phones 6200-6210, such as requesting detected identification tags data from the Cannabis products 6300 prior to, during, or after receipt of the Cannabis at a custodian location. Here, smart phones 6200-6210 may also transmit data automatically to server 100 or any one of entities 6110, 6120, and 6130. It is contemplated within the scope of the disclosure described herein that any other configuration or network architecture, computing devices, and modules may also be incorporated. In one embodiment, the data can include metadata or other data that can be linked to more in-depth data as the central server.

FIG. 13J illustrates one general overview diagram for one embodiment of the CCC management device, system, and method of the disclosure described herein. More specifically, the CCC system is not limited to Cannabis or marijuana and can also be applicable to the chain of custody tracking, management, and identification of all types of agricultural, plant, medicinal, food, drug, or pharmaceutical materials and end products. Here, the CCC system can include one or more Cannabis tags can be secured pictures taken by verified persons (inspectors/employees, among others whose identity is pre-vetted/pre-verified and accessible on the blockchain) and such pictures can be embedded with tags such as date/time, GPS location, temperature, humidity, and/or soil characteristics, among others). The tags can manifest on the picture taken by the inspector/agent, or can be hidden as meta tags within the picture and the hidden files can be embedded into a JPEG image using the 7-Zip and the Windows command line, or the app can hide data in files with steganography tools. The tags can include but are not limited to physical, molecular, chemical or biological.

In one embodiment, an Internet of Things (IOT) device includes a device body; an accelerometer coupled to the body to detect acceleration; a camera to capture an image; a wireless transceiver; and a processor coupled to the transceiver, the accelerometer and sensor. Implementations of the embodiment can include one or more of the following. A blockchain can be accessed by the processor to store data for the device. A module can compare a professional activity with a user activity to improve plant growth. A module can manage a chain of custody for Cannabis. A module can perform image tagging of one or more Cannabis plants. The image can be coupled to the blockchain. The image can be immutable and unmodifiable. The image includes embedded information including a signature of a person taking the image. The image includes embedded information including a positioning system coordinate and a temperature. The image includes embedded information not visible to an eye. A module can manage a chain of custody for an object, a drug or user identity. Identification tags can be on a surface of the one or more Cannabis plants. A module can identify a custodian location from one or more of: a seed grower facility, a plant harvester facility, a processing facility, a distribution facility, a retail facility. A reader can perform one of: photonic, magnetic, x-ray, radio frequency, chemical, microcode, florescence, genetic, electronic analysis, spectroscopy analysis. Identification tags can be mixed or dispersed within a plant or an extracted cannabinoid. The system can work with photographically tagged plants, chemically tagged plants, photographically tagged Cannabis plants, chemically tagged Cannabis plants, Cannabis plants, matured Cannabis plants, Cannabis plant cuttings. A Cannabis extraction machine can receive blockchain data on the Cannabis.

Another embodiment of the CCC system includes a grower and/or harvester seed inventory chain of custody. Here the grower is producing plants and a seed inventory as an asset, which also requires a CCC system to manage and control seed inventory and to ensure that no seeds are inadvertently shipped to the processor with the harvested plants. After seeds are removed from the plants, the grown plants can then be shipped to the processor. Further, the growers CCC system also helps with managing quality control of seed production. Here, from the very first seed, many more seeds can be obtained from the grown plants to further the grower's business until a regulated growing limit is reached. It is further contemplated within the scope of the disclosure described herein that grower or harvester's tagged inventory can also be read/scanned and the data sent to a central database server.

In this embodiment, reference package seeds 6026 are tagged using bottle with ID codes thereby tagging both the package and seeds therein with encoded identification codes. A smart phone can further confirm the bottle ID code and the reference seed can be delivered to the growing area such as a green house, field, facility, or other suitable medium in order to grow Cannabis plant from seed. Grown or growing plant can also be image tagged and associated with the seed ID from the bottle ID. The tagging of the plants can ideally be divided into batches, each batch having unique tag codes, and wherein each batch may then be sized to accommodate the shipping packages or other means of delivery. Further, shipping/packaging labels having scanable optical bar codes, QR codes, or RFID or other codes that represent the aggregate or contents of the contained shipment, may be used to track batched shipping of the Cannabis or end product. Here, the grown plant can be segregated into manageable growth batch areas, and each batch area checked for CCC with smart phone. After plants 31 grown or matured, the seeds can then be harvested and delivered to package seeds. Here, package seeds can then be tagged and then be checked and confirmed by a smart phone and the seeds can then be placed into inventory for future use by the grower. Here, since data can be recorded and stored in a computer database, the seeds' unique codes may be traced and tracked to the end user or consumer and from the end-user or consumer back to the grower inventory. This allows the grower the ability to track plant quality, potency, genetics, origin, and a processors extraction equipment performance for each batch of the end product or cannabinoid yield, including tracking the end product or oil to consumers and government authorities and reporting to government agencies. When dispensed to patient, the batch of THC or drug on the blockchain can be added to a patient database on the blockchain.

In another embodiment, the system includes two look up tables, a global registration look up table (GRLT) where all participants (medical institutions and patients) are recorded with name or identity string, blockchain address for the smart contract, and Patient-Provider lookup table (PPLT). This is maintained by a trusted host authority such as a government health authority or a government payor authority. One embodiment maps participant identification strings to their blockchain address or Ethereum address identity (equivalent to a public key). Terms in the smart contract can regulate registering new identities or changing the mapping of existing ones. Identity registration can thus be restricted only to certified institutions. The PPLT maps identity strings to an address on the blockchain.

Patients can poll their PPLT and be notified whenever a new relationship is suggested or an update is available. Patients can accept, reject or delete relationships, deciding which records in their history they acknowledge. The accepting or rejecting relationships is done only by the patients. To avoid notification spamming from malicious participants, only trusted providers can update the status variable. Other contract terms or rules can specify additional verifications to confirm proper actor behavior.

When Provider 1 adds a record for a new patient, using the GRLT on the blockchain, the patient's identifying information is first resolved to their matching Ethereum address and the corresponding PPLT is located. Provider 1 uses a cached GRLT table to look up any existing records of the patient in the PPLT. For all matching PPLTs, Provider 1 broadcasts a smart contract requesting patient information to all matching PPLT entries. If the cache did not produce a result for the patient identity string or blockchain address, Provider 1 can send a broadcast requesting institutions who handles the patient identity string or the blockchain address to all providers. Eventually, Provider 2 responds with its addresses. Provider 2 may insert an entry for Provider 1 into its address resolution table for future use. Provider 1 caches the response information in its table and can now pull information from Provider 2 and/or supplement the information known to Provider 2 with hashed addresses to storage areas controlled by Provider 1.

Next, the provider uploads a new PPR to the blockchain, indicating their stewardship of the data owned by the patient's Ethereum address. The provider node then crafts a query to reference this data and updates the PPR accordingly. Finally, the node sends a transaction which links the new PPR to the patient's PPLT, allowing the patient node to later locate it on the blockchain.

A Database Gatekeeper provides an off-chain, access interface to the trusted provider node's local database, governed by permissions stored on the blockchain. The Gatekeeper runs a server listening to query requests from clients on the network. A request contains a query string, as well as a reference to the blockchain PPR that warrants permissions to run it. The request is cryptographically signed by the issuer, allowing the gatekeeper to confirm identities. Once the issuer's signature is certified, the gatekeeper checks the blockchain contracts to verify if the address issuing the request is allowed access to the query. If the address checks out, it runs the query on the node's local database and returns the result over to the client.

A patient selects data to share and updates the corresponding PPR with the third-party address and query string. If necessary, the patient's node can resolve the third party address using the GRLT on the blockchain. Then, the patient node links their existing PPR with the care provider to the third-party's Summary Contract. The third party is automatically notified of new permissions, and can follow the link to discover all information needed for retrieval. The provider's Database Gatekeeper will permit access to such a request, corroborating that it was issued by the patient on the PPR they share.

In one embodiment that handles persons without previous blockchain history, admitting procedures are performed where the person's personal data is recorded and entered into the blockchain system. This data may include: name, address, home and work telephone number, date of birth, place of employment, occupation, emergency contact information, insurance coverage, reason for hospitalization, allergies to medications or foods, and religious preference, including whether or not one wishes a clergy member to visit, among others. Additional information may include past hospitalizations and surgeries, advance directives such as a living will and a durable power to attorney. During the time spent in admitting, a plastic bracelet will be placed on the person's wrist with their name, age, date of birth, room number, and blockchain medical record reference on it.

The above system can be used to connect the blockchain with different EHR systems at each point of care setting. Any time a patient is registered into a point of care setting, the EHR system sends a message to the GRLT to identify the patient if possible. In our example, Patient A is in registration at a particular hospital. The PPLT is used to identify Patient A as belonging to a particular plan. The smart contracts in the blockchain automatically updates Patient A's care plan. The blockchain adds a recommendation to put Patient A by looking at the complete history of treatments by all providers and optimizes treat. For example, the system can recommend the patient be enrolled in a weight loss program after noticing that the patient was treated for sedentary lifestyle, had history of hypertension, and the family history indicates a potential heart problem. The blockchain data can be used for predictive analytics, allowing patients to learn from their family histories, past care and conditions to better prepare for healthcare needs in the future. Machine learning and data analysis layers can be added to repositories of healthcare data to enable a true “learning health system” can support an additional analytics layer for disease surveillance and epidemiological monitoring, physician alerts if patients repeatedly fill and abuse prescription access.

In one embodiment, an IOT medical device captures patient data in the hospital and automatically communicates data to a hospital database that can be shared with other institutions or doctors. First, the patient ID and blockchain address is retrieved from the patient's wallet and the medical device attaches the blockchain address in a field, along with other fields receiving patient data. Patient data is then stored in a hospital database marked with the blockchain address and annotated by a medical professional with interpretative notes. The notes are affiliated with the medical professional's blockchain address and the PPR block chain address. A professional can also set up the contract terms defining a workflow. For example, if the device is a blood pressure device, the smart contract can have terms that specify dietary restrictions if the patient is diabetic and the blood pressure is borderline and food dispensing machines only show items with low salt and low calorie, for example.

Patient Behavior and Risk Pool Rated Health Plans

With the advent of personal health trackers, new health plans are rewarding consumers for taking an active part in their wellness. The system facilitates open distribution of the consumers wellness data and protect it as PHR must be, and therefore prevent lock-in of consumers, providers and payers to a particular device technology or health plan. In particular, since PHR data is managed on the blockchain a consumer and/or company can grant access to a payer to this data such that the payer can perform group analysis of an individual or an entire company's employee base including individual wellness data and generate a risk score of the individual and/or organization. Having this information, payers can then bid on insurance plans tailored for the specific organization. Enrollment then, also being managed on the blockchain, can become a real-time arbitrage process. The pseudo code for the smart contract to implement a patient behavior based health plan is as follows.

store mobile fitness data

store consumer data in keys with phr_info, claim_info, enrollment_info

for each consumer:

add up all calculated risk for the consumer

determine risk score based on mobile fitness data

update health plan cost based on patient behavior

Patient and Provider Data Sharing

A patient's Health BlockChain wallet stores all assets, which in turn store reference ids to the actual data, whether clinical documents in HL7 or FHIR format, wellness metrics of activity and sleep patterns, or claims and enrollment information. These assets and control of grants of access to them is afforded to the patient alone. A participating provider can be given full or partial access to the data instantaneously and automatically via enforceable restrictions on smart contracts.

Utilizing the Health BlockChain the access to a patient's PHR can be granted as part of scheduling an appointment, during a referral transaction or upon arrival for the visit. And, access can just as easily be removed, all under control of the patient.

Upon arrival at the doctor's office, an application automatically logs into a trusted provider's wireless network. The app is configured to automatically notify the provider's office of arrival and grant access to the patient's PHR. At this point the attending physician will have access to the patient's entire health history. The pseudo code for the smart contract to implement a patient and provider data sharing is as follows.

Patient download apps and provide login credential and logs into the provider wireless network

Patient verifies that the provider wireless network belongs to a patient trusted provider list

Upon entering provider premise, system automatically logs in and grants access to provider

Patient check in data is automatically communicated with provider system to provide PHR

Provider system synchronizes files and obtain new updates to the patient PHR and flags changes to provider.

Patient Data Sharing

Patient's PHR data is valuable information for their personal health profile in order to provide Providers (Physicians) the necessary information for optimal health care delivery. In addition this clinical data is also valuable in an aggregate scenario of clinical studies where this information is analyzed for diagnosis, treatment and outcome. Currently this information is difficult to obtain due to the siloed storage of the information and the difficulty on obtaining patient permissions.

Given a patient Health BlockChain wallet that stores all assets as reference ids to the actual data. These assets can be included in an automated smart contract for clinical study participation or any other data sharing agreement allowed by the patient. The assets can be shared as an instance share by adding to the document a randomized identifier or nonce, similar to a one-time use watermark or serial number, a unique asset (derived from the original source) is then generated for a particular access request and included in a smart contract as an input for a particular request for the patient's health record information. A patient can specify their acceptable terms to the smart contract regarding payment for access to PHR, timeframes for acceptable access, type of PHR data to share, length of history willing to be shared, de-identification thresholds or preferences, specific attributes of the consumer of the data regarding trusted attributes such as reputation, affiliation, purpose, or any other constraints required by the patient. Attributes of the patient's data are also advertised and summarized as properties of the smart contract regarding the type of diagnosis and treatments available. Once the patient has advertised their willingness to share data under certain conditions specified by the smart contract it can automatically be satisfied by any consumer satisfying the terms of the patient and their relevance to the type of PHR needed resulting in a automated, efficient and distributed means for clinical studies to consume relevant PHR for analysis. This process provides an automated execution over the Health BlockChain for any desired time period that will terminate at an acceptable statistical outcome of the required attained significance level or financial limit. The pseudo code for the smart contract to implement automated patient data sharing is as follows.

Patient download apps and provide login credential and logs into the clinical trial provider wireless network

Patient verifies that the provider wireless network belongs to a patient trusted provider list

Upon entering provider premise, system automatically logs in and grants access to provider

Patient check in data is automatically communicated with provider system to provide clinical trial data

In one embodiment, a blockchain entry is added for each touchpoint of the medication as it goes through the supply chain from manufacturing where the prescription package serialized numerical identification (SNI) is sent to wholesalers who scan and record the SNI and location and then to distributors, repackagers, and pharmacies, where the SNI/location data is recorded at each touchpoint and put on the blockchain. The medication can be scanned individually, or alternatively can be scanned in bulk. Further, for bulk shipments with temperature and shock sensors for the bulk package, temperature/shock data is captured with the shipment or storage of the medication.

A smart contract assesses against product supply chain rule and can cause automated acceptance or rejection as the medication goes through each supply chain touchpoint. The process includes identifying a prescription drugs by query of a database system authorized to track and trace prescription drugs or similar means for the purpose of monitoring the movements and sale of pharmaceutical products through a supply chain; a.k.a. e-pedigree trail; serialized numerical identification (SNI), stock keeping units (SKU), point of sale system (POS), systems etc. in order to compare the information; e.g. drug name, manufacturer, etc. to the drug identified by the track and trace system and to ensure that it is the same drug and manufacturer of origin. The process can verify authenticity and check pedigree which can be conducted at any point along the prescription drug supply chain; e.g. wholesaler, distributor, doctor's office, pharmacy. The most optimal point for execution of this process would be where regulatory authorities view the greatest vulnerability to the supply chain's integrity. For example, this examination process could occur in pharmacy operations prior to containerization and distribution to the pharmacy for dispensing to patients.

An authenticated prescription drug with verified drug pedigree trail can be used to render an informational object, which for the purpose of illustration will be represented but not be limited to a unique mark; e.g. QR Code, Barcode, Watermark, Stealth Dots, Seal or 2 Dimensional graphical symbol, hereinafter called a certificate, seal, or mark. An exemplary embodiment for use of said certificate, mark, or seal can be used by authorized entities as a warrant of the prescription drug's authenticity and pedigree. For example, when this seal is appended to a prescription vial presented to a patient by a licensed pharmacy, it would represent the prescription drug has gone through an authentication and logistics validation process authorized by a regulatory agency (s); e.g. HHS, FDA, NABP, VIPP, etc. An exemplary embodiment for use of said certificate, mark or seal would be analogous to that of the functioning features, marks, seals, and distinguishing characteristics that currently authenticate paper money and further make it difficult to counterfeit. Furthermore, authorized agents utilizing the certificate process would be analogous to banks participating in the FDIC program.

A user; e.g. patient equipped with the appropriate application on a portable or handheld device can scan the certificate, mark or seal and receive an audible and visible confirmation of the prescription drug's name, and manufacturer. This will constitute a confirmation of the authenticity of the dispensed prescription drug. Extensible use of the certificate, mark, or seal will include but not be limited to; gaining access to website(s) where additional information or interactive functions can be performed; e.g. audible narration of the drug's characteristics and physical property descriptions, dosing, information, and publications, etc. A user; e.g. patient equipped with the appropriate application on a portable or handheld device can scan the certificate, mark, or seal and be provided with notifications regarding; e.g. immediate recall of the medication, adverse events, new formulations, critical warnings of an immediate and emergency nature made by prescription drug regulatory authorities and, or their agents. A user; e.g. patient equipped with a portable or handheld device with the appropriate application software can use the portable and, or handheld device to store prescription drug information in a secure, non-editable format on their device for personal use; e.g. MD's Office Visits, Records Management, Future Authentications, Emergency use by first responders etc. A user; e.g. patient equipped with the appropriate application on a portable or handheld device can scan the drug via an optical scan, picture capture, spectroscopy or other means of identifying its physical properties and characteristics; e.g. spectral signature, size, shape, color, texture, opacity, etc and use this data to identify the prescription drug's name, and manufacturer. A user; e.g. patient equipped with the appropriate application on a portable or handheld device and having the certification system can receive updated information (as a subscriber in a client/server relationship) on a continuing or as needed ad hoc basis (as permitted) about notifications made by prescription drug regulatory authorities regarding; e.g. immediate recall of medications, adverse events, new formulations and critical warnings of an immediate and emergency nature. A user; e.g. patient, subscriber to the certificate system equipped with the appropriate application on a portable or handheld device will be notified by audible and visible warnings of potential adverse affects between drug combinations stored in their device's memory of previously “Certified Drugs.” A user; e.g. patient subscriber to the certification system equipped with the appropriate application on a portable or handheld device will receive notification of potential adverse affects from drug combinations, as reported and published by medical professionals in documents and databases reported to; e.g. Drug Enforcement Administration (DEA), Health and Human Services, (HHS) Food and Drug Administration, (FDA) National Library of Medicines, (NLM) and their agents; e.g., Daily Med, Pillbox, RX Scan, PDR, etc.

1. A method for prescription drug authentication by receiving a certificate representing manufacturing origin and distribution touchpoints of a prescription drug on a blockchain.

2. A method of claim 1, comprising retrieving active pharmaceutical ingredients (API) and inactive pharmaceutical ingredients (IPI) from the blockchain.

3. A method of claim 2, comprising authenticating the drug after comparing the API and IPI with data from Drug Enforcement Administration (DEA) Health and Human Services, (HHS) Food and Drug Administration, (FDA) National Library of Medicines, (NLM) etc. for the purpose of identifying the prescription drug'(s) and manufacture name indicated by those ingredients.

4. A method of claim 1, comprising tracing the drug through a supply chain from manufacturer to retailer, dispenser with Pedigree Trail, Serialized Numerical Identification (SNI), Stock Keeping Units (SKU), Point of Sale System (PDS) E-Pedigree Systems.

5. A method of claim 1, comprising generating a certificate, seal, mark and computer scannable symbol such as 2 or 3 dimensional symbol; e.g. QR Code, Bar Code, Watermark, Stealth Dots, etc.

6. A method of claim 5, comprising rendering a seal on a prescription drug housing presented to a patient by a licensed pharmacy indicating an authentication and logistics validation process authorized by regulatory agencies prior to being dispensed.

7. A method of claim 5, comprising reading the certificate (mark) and receiving confirmation of the prescription drug's name and manufacturer.

8. A method of claim 7, comprising linking to a web site with information about the drug's characteristics and physical property descriptions, dosing, information, and publications, drug recall of the medication, adverse events, new formulations, critical warnings of an immediate and emergency nature made by prescription drug regulatory authorities or manufacturers.

9. A method of claim 5, comprising storing prescription drug information in a secure, non-editable format on their device for personal use; e.g. MD's Office Visits, Records Management, Future Authentications, Emergency use by first responders.

10. A method of claim 5, comprising reading drug content from the certificate and comparing the drug content with a scan of the drug via an optical scan, picture capture, spectroscopy or other means of identifying its physical properties and characteristics; e.g. spectral signature, size, shape, color, texture, opacity, etc. and use this data to identify the prescription drug's name, and manufacturer.

11. A method of claim 5, comprising communicating a potential adverse effect notification(s) arising from drug combinations in databases held by regulatory authorities and their agencies including Health and Human Services (HHS), Food and Drug Administration (FDA), National Library of Medicines (NLM), Drug Enforcement Administration (DEA), Daily Med, Pillbox, RX Scan, PDR, or third party databases.

Verifying Authenticity of Prescription for Medication

In one aspect, a method for verifying the authenticity of prescriptions used to control the dispensing of medicaments, the method comprising:

prescribing a medicament entitlement token with a blockchain identifier unique to a patient and a blockchain identifier unique to a prescribing professional at a prescribing location;

transmitting the token to a dispensing location;

retrieving the blockchain identifier of the patient at the dispensing location;

authenticating the patient based on the blockchain identifier of the patient; and

dispensing the medicament to the patient.

The system makes healthcare data easily accessible with relatively minimal privacy and hack risk to all patient stakeholders, including the patient themselves, family, caregivers, clinics, providers, insurance companies and all those with a stake in their patients' health. Each and every one of these stakeholders or network peers approved by the patient can easily join health blockchains as either nodes or buyer or seller of tokens or payments to gain access to patient data, utilizing a variety of open access methods and smart contracts that store and monitor real-time contractual conditions agreed to by and between various stakeholders. The health blockchains can be used for tracking the development of drugs, doctor and nurses credentialing, real-time population health data analysis and alerts, insurance peer-to-peer risk pooling, telemedicine and home health visit data sharing, decentralized autonomous organizations, verification and audits, and remote device monitoring commonly addressed today under the Internet of Things category. The blockchains enable analytics-for-healthcare products and services, malpractice insurance and friction-less claims processing hence shorter revenue cycles. Smart contracts powered by a blockchain can provide consumers and payors with the means to manage claims in a transparent, immutable and responsive fashion. Insurance contracts, premium payments and their respective claims can be recorded onto a blockchain and validated by node consensus, preventing fraudulent claims from being processed. Smart contracts can enforce claims triggering payments when due or dispatching specialists, nurses or doctors to follow up with patients when anticipated claims are not recorded by presumptive dates.

In one embodiment, behavioral contracts are developed between payor and patient to trigger rewards for attending support groups, regularly engaging a telehealth professional, reporting health conditions (possibly at kiosks with bitcoin point-of-care devices), and meeting agreed upon health goals. A smart contract would trigger a reward payment (or loss) when goals are met near real-time to the patient's public bitcoin address which in turn can be tendered at local participating outlets equipped with point-of-contact devices including community centers, supermarkets and apartment complexes to pay bills, purchase healthy foods and meet rent obligations.

FIGS. 13H-13I show exemplary medical supply chain that works with blockchain for tamperproof origin and shipping supply chain authentication of genuine medical products. One system collects results for virtually any test, and storing and trending data. This ensures that the control systems are operating as intended. These trends provide valuable insight into the effectiveness of decontamination procedures, housekeeping practices, personnel training, and the potential for microbial build-up during production. The present invention provides configurable means for electronically documenting, storing, and reporting on monitored environmental parameters. Those skilled in the art will recognize that computer programs in accordance with the present invention is able to reside on hardware, and with software that already exists in many manufacturing facilities.

In one embodiment a product may be any tangible or intangible thing that may be exchanged for value, excluding the first transaction 204; in other words, the value for which the product is exchanged is unrelated to the value of the product or service exchanged to produce the first transaction. The product may be a good, such as an article of manufacture or an item produced in agriculture. The product may be merchandise. The product may be a consumable. The product may be a fixed asset. The product may be a circulating tool. The product may be a library books. The product may be capital equipment. The product may be a bill of fiat currency. The product may be commercial paper. The product may be an item, such as a coupon or voucher, which may be used as proof of payment for a service. For instance, the product may be a ticket for conveyance on a transportation carrier such as a train, bus, or airline. The product may be a ticket for an entertainment event such as a sporting event or a concert. The system can also verify the quality of services such as legal services, financial services, consulting services, financial planning services, repair services, cosmetic services, healthcare services, medical services, massage services, among others.

In some embodiments, the first computing 201 is configured to export an address to a first code such as a bar code affixed to a product. The system may include a code generator coupled to the first computing device. The code generator can be a bar code generator or a wireless code such as a near field communication (NFC) code. Upon receipt by a bar code scanner or an NFC scanner, the product authenticity can be verified. The product may combine other anti-counterfeiting measures with the first code such as a holographic icon or a special tamperproof case/housing, for example.

In some embodiments, the first code is incorporated in a manufacturing control system (not shown) that may rely upon codes, such as barcodes or NFC/RFID tags, to provide automatic identification of products. To record manufacturing transaction, the system may use a code scanner to automatically identify the product, and then may collects additional information from operators via fixed terminals (workstations), or mobile computers. The code used in the system may be matched to a data structure mapping codes to data concerning products, such as a database. The data structure mapping codes to products may be the transaction register. The data structure mapping codes to products may be separate from the transaction register. The party managing the manufacturing control system may be the party managing the system. The party managing the inventory control system may be a separate party.

In one embodiment, an address is a textual datum identifying the product or service serial number or ID number in a secured transaction. In some embodiments, the address is linked to a public key, the corresponding private key of which is owned by the recipient of the transfer of product or service. For instance, the address may be the public key. The address may be a representation, such as a hash, of the public key. The address may be linked to the public key in the memory of a computing device. Where the address is linked to a public key, the transferee in the secured transaction may record a subsequent transaction transferring some or all of the product or service to a new address in the same manner.

In some embodiments, the transaction register includes a data storage facility controlled by a trusted party. The data storage facility may include a database and the data storage facility may include a data structure such as a hash table that permits rapid lookup of data stored in the data storage facility. The trusted party may be a proprietor of the system. The trusted party may be a third-party entity, such as an entity maintaining data centers for services such as cloud-computing services. In other embodiments the at least one transaction register may include several data storage facilities maintained by one or more trusted parties; for instance, the at least one transaction register may include several data storage facilities, to which secured transactions are directed as set forth in further detail below. The data storage facilities may be on the same machine. The data storage facilities may be on the same server. The data storage facilities may be in different servers, but in the same data center. The data storage facilities may be in various data centers. The at least one transaction register may be several transaction registers to which secured transactions are directed.

The transaction register may include a distributed, consensus-based ledger and the transaction register may include a hash chain, in which data is added during a successive hashing process to ensure non-repudiation. The transaction register may include a private register run by a predetermined group of entities. For example, the group may be the FDA and select trusted pharmaceutical companies. In other cases, the group can be a number of banks working together. In yet other cases, the group can be a stock market such as NYSE or NASDAQ and banks/traders. In yet other cases, the group can be members of the Army, Air Force, or Navy, or can even be all three. The advantage of having select group members is that sensitive data can be contained to the group for a predetermined purpose rather than broadcasted to the world for anyone to inspect in an encrypted form.

In some embodiments, the transaction register includes a block chain. In one embodiment, the block chain is a transaction register that records one or more new secured transactions in a data item known as a block. The blocks may be created in a way that places the blocks in chronological order, and links each block to a previous block in the chronological order, so that any computing device may traverse the blocks in reverse chronological order to verify any secured transactions listed in the block chain. As a non-limiting example, each new block may be required to contain a cryptographic hash describing the previous block. In some embodiments, the block chain contains a single first block, known as a “genesis block.” As an example, the protocol may require a new block to contain a cryptographic hash describing its contents; the cryptographic hash may be required to satisfy a mathematical condition, achieved by having the block contain a number, called a nonce, whose value is determined after the fact by the discovery of the hash that satisfies the mathematical condition. Continuing the example, the protocol may be able to adjust the mathematical condition so that the discovery of the hash describing a block and satisfying the mathematical condition requires more or less steps, depending on the outcome of the previous hashing attempt. The mathematical condition, as an example, might be that the hash contains a certain number of leading zeros and a hashing algorithm that requires more steps to find a hash containing a greater number of leading zeros, and fewer steps to find a hash containing a lesser number of leading zeros. In some embodiments, the production of a new block according to the protocol is known as “mining.” Each block created in the block chain 206 may contain a record or transaction describing one or more addresses that receive an incentive, such as product or service, as the result of successfully mining the block 206 b.

Where two entities simultaneously create new blocks, the block chain 206 may develop a fork; the protocol may determine which of the two alternate branches in the fork is the valid new portion of the block chain 206 by evaluating, after a certain amount of time has passed, which branch is longer. “Length” may be measured according to the number of blocks in the branch. Length may be measured according to the total computational cost of producing the branch. The protocol may treat only secured transactions 204 contained the valid branch as valid secured transactions. When a branch is found invalid according to this protocol, secured transactions registered in that branch may be recreated in a new block in the valid branch; the protocol may reject “double spending” secured transactions 204 that transfer the same product or service that another secured transaction in the valid branch has already transferred. As a result, in some embodiments the creation of fraudulent secured transactions requires the creation of a longer block chain branch by the entity attempting the fraudulent secured transaction than the branch being produced by the rest of the participants; as long as the entity creating the fraudulent secured transaction is likely the only one with the incentive to create the branch containing the fraudulent secured transaction, the computational cost of the creation of that branch may be practically infeasible, guaranteeing the validity of all secured transactions in the block chain. In some embodiments, where the algorithm producing the blocks involves a cryptographic hash using a well-designed hashing algorithm, attempts to avoid the computational work necessary to create the hashes by simply inserting a fraudulent transaction in a previously created block may be thwarted by the “avalanche effect,” whereby a small alteration of any data within the block chain causes the output of the block chain to change drastically; this means that alterations are readily detectable to any person wishing to validate the hash of the attempted fraudulent block.

Additional data linked to a secured transaction may be incorporated in blocks in the block chain; for instance, data may be incorporated in one or more fields recognized by block chain protocols that permit a person or computer forming a transaction to insert additional data in the block chain. In some embodiments, additional data is incorporated in an unspendable transaction field. For instance, the data may be incorporated in an OP RETURN within the Bitcoin block chain. In other embodiments, additional data is incorporated in one signature of a multi-signature transaction. In an embodiment, a multi-signature transaction is a secured transaction to two or more addresses. In some embodiments, the two or more addresses are hashed together to form a single address, which is signed in the digital signature of the secured transaction. In other embodiments, the two or more addresses are concatenated. In some embodiments, the two or more addresses may be combined by a more complicated process, such as the creation of a merkle tree as described below. In some embodiments, one or more addresses incorporated in the multi-signature transaction are typical secured addresses, such as addresses linked to public keys as described above, while one or more additional addresses in the multi-signature transaction contain additional data related to the transaction; for instance, the additional data may indicate the purpose of the transaction, aside from an exchange of product or service, such as the item for which the product or service was exchanged.

The transaction register may include a block chain ecosystem data structure. In one embodiment, a block chain ecosystem data structure is a data structure that is located outside a block chain but uses the block-chain as a basis for reliability or security by giving elements in the block chain ecosystem data structure a secure and reproducible relationship with elements within the block chain. The block chain ecosystem data structure may create the relationship by inserting representations of elements from the block chain ecosystem data structure into blocks in the block chain; for instance by “merge hashing,” where the elements are part of what gets hashed as block chain data during the hashing algorithm for blocks as described above. For example, in some embodiments, the transaction register may include an alternative chain. In one embodiment, an alternative chain is one or more blocks (not shown) that are incorporated into a blockchain, by including at least one hash representing data in the alternative chain in at least one block in the blockchain that is mined; where the mathematical puzzle involved in creating the new block is the production of a new hash, the additional hash in the block may not affect the degree of difficulty, and thus miners are not put at a computational disadvantage incorporating the alternative chain. The alternative chain may be incorporated using one or more hash trees, such as one or more merkle trees (not shown). The merkel tree may a structure containing a hash of each datum in the alternative chain as leaf notes, with each internal node containing a hash of all of its child nodes; thus, by the avalanche principle, the root of a merkle tree may be a hash that recursively represents all the data hashed in the merkle tree, and thus a set of data in the alternative chain, so that incorporation of the root in a block in the blockchain 206 amounts to incorporation of the data from the alternative chain that the merkle tree represents. A miner may charge a fee for incorporating the alternative chain in a block the miner mines. In an embodiment, verification of a transaction filed in the alternative chain involves first locating the transaction in the alternative chain, verifying its digital signature, and verifying each hash between that location and the blockchain block (for instance by verifying each hash in the merkle tree from the leaf corresponding to the transaction to the root), verifying the hash of the block incorporating the alternative chain, and then verifying the block up the block chain as described above. In other embodiments, the hash tree is a tiger tree. In other embodiments, the alternative chain is linked to the block chain via a hash chain (not shown).

In some embodiments, data linking the block chain ecosystem data structure to the block chain is incorporated in an unspendable transaction field. For instance, the data may be incorporated in an OP RETURN within the Bitcoin block chain. In other embodiments, data linking the block chain ecosystem data structure to the block chain is incorporated in one signature of a multi-signature transaction. For example, the root of a merkle tree may occupy one or more addresses that are signed in a multi-signature transaction.

In other embodiments, elements in the block chain ecosystem data structure are mapped to elements in the block chain by means of an agreed-upon mapping protocol. For instance, rather than inserting a hash from the block chain ecosystem into the block chain, an algorithm may establish a mathematical relationship between an element in the block chain ecosystem data structure and an element in the block chain; the mathematical relationship may be unique to the element in the block chain ecosystem data structure. The mathematical relationship may be unique to the element in the block chain. As a non-limiting example, elements in a block chain ecosystem data structure may be mapped to particular transactions in the block chain. Elements in the block chain ecosystem data structure may be mapped to particular addresses in the block chain. Elements in the block chain ecosystem data structure may be mapped to particular hashes corresponding to blocks. The mapping may be performed using digital signatures; for instance, the owner of a private key corresponding to a public key represented by an address in the block chain may sign an element in the block chain ecosystem with the private key. Each element in the block chain may be hashed, and the space containing all hashes may be mapped to elements in the block chain using a mathematical algorithm.

In other embodiments, the block chain ecosystem data structure may incorporate a side chain. In some embodiments, a side chain is a block chain that is operated parallel to a main block chain, using transactions or transaction outputs extracted from and later merged back into the main block chain via two-way pegging. The transactions or transaction outputs may be merged back into the main block chain by performing a combined hash of the latest link in the side chain with the latest link in the block chain. The combined hash may use a merkle tree as described above to reduce the computational difficulty associated with a combined hash of two entire blocks.

In an exemplary embodiment, a decentralized property system and method are provided to allow ownership rights to be transferred directly from one party to another without requiring a central authority to operate or secure the system. Digital signatures provide a method to issue and transfer titles within the system. Using a blockchain, distributed consensus on who owns what are achieved. Digital assets can be uniquely identified by digital fingerprints using cryptographically-safe hash functions. Fingerprints computed from images of the asset may be used in a method to uniquely identify physical assets. In some embodiments, the unique identifier used for a physical asset may be a physical unclonable function. Title transfers are verifiable and create an unforgeable chain-of-ownership (“provenance”). Digital signatures and other methods like fingerprinting provide a method to issue and transfer titles. An Asset Record that includes specific attributes describing the property is created to digitally represent the asset. An Issue Record is then created to represent instances of the property linking to a specific Asset Record. A Transfer Record is created to record each ownership changes. The Transfer Records are chained together and the root is chained to the Issue Record, which is chained to the Asset Record. Each system user has an account that is associated with a unique number, for example, an Ed25519 public-key (“pubkey”) pair, or other appropriate pubkey system, which allows the user to sign Issue and Transfer Records. The owner of the is identified by their pubkey. This differs from Bitcoin, which only has one type of address and signature because the bitmark account can support multiple types of signatures, including post-quantum computing algorithms such as SPHINCS.

In an aspect, encoded data derived from images of local regions of a physical object are used to securely reference (“fingerprint”) physical assets based on unique surface-level texture patterns, rendering the physical asset traceable as a digital item. For pets, encode picture and sound can render the asset traceable. For newborn babies, the encoded picture, sound, and fingerprint/footprint can render the child traceable. A cryptographically-safe hash function is used to fingerprint digital assets. The system provides a framework for authenticating different objects or materials via extracting and matching their fingerprints. Biometric fingerprinting processes, which use patterns such as ridge ending and bifurcation points as the “interest points,” can be used. Stereo photometric techniques can be used for reconstructing local image regions of objects that contain the surface texture information. The interest points of the recovered image regions can be detected and described by state-of-the-art computer vision algorithms. Together with dimension reduction and hashing techniques, the approach is able to perform object verification using compact image features for virtually any object, including documents, for practical physical object authentication tasks.

In one implementation, a digital asset is certified via embedding its SHA256 digest in the blockchain. This is done by generating a transaction that encodes/contains the hash via an OP_RETURN script. This is a bitcoin scripting opcode that marks the transaction output as provably unspendable and allows a small amount of data to be inserted, which is the digital asset hash, plus a marker to identify all of a company's transactions. Once the transaction is confirmed by the blockchain, the digital asset is permanently certified and proven to exist at least as early as the time the transaction was confirmed. If the document hadn't existed at the time the transaction entered the blockchain, it would have been impossible to embed its digest in the transaction (This is because of the hash function's property of being second pre-image resistant). Embedding a hash and then adapting a future document to match the hash is also impossible (due to the pre-image resistance of hash functions). Hence, once the blockchain confirms the transaction generated for the digital asset, its existence is proven, permanently, with no trust required. To manually confirm the asset's existence at the timestamped time, the system calculates the document's SHA256 digest and finds a transaction in the bitcoin blockchain containing an OP_RETURN output with the document's hash prepended by marker bytes. The existence of that transaction in the blockchain proves that the digital asset (or intellectual property) existed at the time the transaction got included into a block. The system proves data ownership without revealing actual data by publicly revealing the digest and if conflict arises the device can produce the data that generates the digest. The system can prove certain data exists at a certain moment of time. As we use the blockchain to store the document proof, the system can certify the existence of your document without the need of a central authority. The system can check for asset integrity. The system will only recognize it if it is completely and fully the same document. The slightest change will be recognized as different, giving user the security that certified data can't be changed.

1. A method for recording ownership in data generated by an IOT device, the method comprising: generating a digital asset by an IOT device; generating a hash representation of the asset; placing on an audit chain a transaction to an address associated with a public key corresponding to a private key; asserting the IOT device as the owner of the digital asset with one or more marker bytes; and looking for a transaction matching the digest and marker bytes to prove the IOT device first had possession of the intellectual property or digital asset. Then the IOT device can securely update data, or provide access rights to the digital asset.

2. A method according to claim 1, wherein receiving further comprises receiving the public key.

3. A method according to claim 1, wherein receiving further comprises receiving a digital signature signed with the private key.

4. A method according to claim 1, wherein receiving further comprises: transmitting a challenge to the first entity, and receiving a digital signature signing the challenge.

5. A method according to claim 1, wherein receiving further comprises: transmitting a message encrypted using the public key; and receiving, by the IOT device from the first entity, a decrypted version of the message.

6. A method according to claim 1, wherein retrieving further comprises retrieving a transaction from a second entity to the first entity.

7. A method according to claim 6, wherein authenticating further comprises: authenticating the second entity; and determining that the at least one crypto-currency transaction represents an act of authentication of the first entity by the second entity.

8. The method of claim 6, wherein the transaction from the first second entity to the first entity further comprises granting access rights to the first entity.

9. A method according to claim 1, wherein authenticating further comprises determining a reputation based on at least one crypto-currency transaction, a financial value of at least one crypto-currency transaction, an identity of the first entity, or an access right of the first entity.

In another embodiment, a method for recording ownership rights in an asset includes: generating an asset record having a fingerprint comprising a hash of a digital representation of the asset, a public key of a client who generates the asset record, and a digital signature comprising a private key of the creating client; communicating with one or more nodes of a peer-to-peer network to generate an entry in a public ledger by performing the steps of: generating at least one issue record comprising a hash of the fingerprint, the public key of the creating client, and an owner signature comprising a hash of the digital signature of the creating client with the hashed fingerprint and the public key of the creating client. In some embodiments, the asset is digital property selected from the group consisting of music, video, electronic books, digital photographs, digital images, and personal data. In another embodiment, the asset is physical property, and the method further includes generating a digital fingerprint corresponding to the physical property using an image of a physical property.

The method may further include generating a first transfer record for recording a transfer of the asset to a new owner, wherein the transfer record comprises a double hash of a complete issue record for the asset and a public key of the new owner, wherein the transfer record is digitally signed by the owner signature; using a blockchain algorithm to generate a distributed consensus of ownership of the asset associated with the owner signature to validate the first transfer record; and if the first transfer record is validated, displaying the transfer record on the public ledger; and if the first transfer record is not validated, rejecting the transfer record. In some embodiments, the method may further include, after the step of generating the first transfer record: displaying at the user interface a payment request; and determining whether a user payment has been remitted before proceeding with the step of executing. The method may further include generating a subsequent transfer record for recording a transfer from a prior owner to a subsequent new owner, wherein the subsequent transfer record comprises a double hash of a prior transfer record, and a public key of the subsequent new owner, wherein the subsequent transfer record is digitally signed by the prior owner. In some embodiments, the method may further include, after the step of generating the subsequent transfer record: displaying at the user interface a payment request; and determining whether a user payment has been remitted before proceeding with the step of executing. In embodiments in which the at least one issue record comprises multiple issue records, each issue record includes a different nonce and is associated with a separate blockchain.

In another aspect of the invention, a system for recording ownership rights in an asset includes: a client computing device configured for generating an asset record having a fingerprint comprising a hash of a digital representation of the asset, a public key of a client who generates the asset record, and a digital signature comprising a private key of the creating client; a peer-to-peer network in communication with the client computing device to generate an entry in a public ledger by performing the steps of: generating at least one issue record comprising a double hash of the fingerprint, the public key of the creating client, and an owner signature comprising a hash of the digital signature of the creating client with the double hashed fingerprint and the public key of the creating client; and displaying the at least one issue record on the public ledger. The asset may be digital property selected from the group consisting of music, video, electronic books, digital photographs, digital images, and personal data. Alternatively, the asset may be physical property, where the client computing device is further in communication with a photometric stereo device configured for generating a digital fingerprint corresponding to the physical property using a local image of a region of interest on a surface of the physical property. The photometric stereo device is configured for identifying local interest points within the photometric stereo image using a keypoint detector; and encoding the local interest points as a binary string using a binary descriptor; wherein the binary string comprises the digital representation of the asset.

In one embodiment, the blockchain address is used to replace the databases holding registration information for trademarks, patents, designs and copyright. By registering IP rights on a distributed ledger, the IP provides smart intellectual property rights, providing a robust and trustworthy proof of record. Further the claims of the IP are expressed as contract conditions that allow automatic attachment to infringing products or articles. For trademark, linked to and connected to actual use of products, so that (first) use in trade/commerce requirements could be updated immediately. This in turn would affect how trademarks could be cleared for registration and use since actual use information could—theoretically and if the law was changed accordingly to provide for this possibility—be added to the registration details of a trade mark on the official register. This would mean that evidence and information of actual use of a trade mark in trade, as well as the frequency of such use could be readily shared and be available on the official trade mark register. The official register could also reflect the state of the market, which is relevant when it comes to assessing the infringement risk in many jurisdictions.

If all transactions relating to a product bearing a particular trade mark are entered on the blockchain, then that use of the trade mark on the blockchain provides evidence of use of the trade mark in trade. The system simplifies the process of proving evidence of use of a trade mark in trade and/or or first use in commerce, depending on the jurisdiction, as well as providing other evidence at an IP office or court, for example evidence of acquired distinctiveness or secondary meaning. Further, whenever use of a trade mark in trade/commerce can be reconciled with information on a blockchain ledger then this could enable evidence of such use to be notified to the relevant IP office or authority virtually immediately on the occurrence of a verified event of such use. This would substantially lower the burden of collecting relevant evidence for rights holders and at the same would simplify the process at respective IP Office.

In one embodiments, private blockchains which are tightly controlled, with rights to modify and/or read the blockchain restricted to a small number of users, can be used for certification and/or collective trademarks, which the added bonus that fake certificates could almost immediately be identified as such. Evidence of creatorship provided by blockchain can be done: if an original design document and details of the designer are uploaded to a blockchain, this creates a time-stamped record and good evidence to prove these matters. Locking evidence of their use and conception on a blockchain could make their enforcement much easier and at the same time also act as a deterrent to potential infringers. Provenance authentication Blockchain also allows you to record objectively verifiable details about when and where products are made and about the people that made them. The information is used for brand protection and information, including trade mark registration details, legal information, assignment and chain of title information and/or evidence of (first) use in trade or commerce. Brand owners use this function to record where goods are placed on the market—allowing them to distinguish grey goods in cases of parallel imports and identify where they left the supply chain. In the same way, blockchain could be used to monitor and control leaks from selective distribution networks and so assist in enforcing such agreements. This capability will render the technology of interest to other industries, such as the pharmaceutical industry. The system can link products to blockchain however (rather than to URLs as is common in QR Code marketing) is the immutable nature of the information which appears on the blockchain. This makes it an attractive and safe place for a brand to imprint upon its products with brand messages, product and potentially also legal information: blockchain can be used for much more than marketing.

The system can use the blockchain address as a way of securing intellectual property and digital creative works such as images or music. The blockchain ledger is intended to be a secure and reliable way of proving a work's attribution and provenance. And the programmable nature of the digital block makes it possible to enforce smart contract based usage rights.

In travel and hospitality as well as retail, blockchain is used in loyalty-points programs, including more advantageous accounting treatment of the liabilities created by the accrual of points, real-time updating of points balances, and better management of points across franchised operations due to the fact that a shared distributed ledger can simplify the settlement process.

The blockchain can be used to secure access to and from the IOT device in an embodiment. Access right is the right of an entity to use the IOT device or network of computing devices for at least one purpose. For instance, an access right may permit an IOT device possessing the appropriate authentication credentials to operate another IOT device or a computer after “logging on” to the computer. An access right may permit the IOT device to perform some functions, while forbidding the performance of other instructions. The computing device may be configured to ignore or refuse commands from an IOT device that does not have a user account with the access right to instruct the IOT device to execute those commands. In some embodiments, the access right gives the IOT device with the ability to access a particular network or a particular network access point. The access right may affect the ability to access one or more master nodes of a network. The access right may affect the ability to access or read messages directed to particular user account within a messaging service; for instance, the access right may control whether a particular IOT device can read a particular email account, an instant message, a text message, or a voice over internet protocol stream. The access right may give the IOT device the ability to decrypt an encrypted message; in some embodiments, where the access right is tied to the possession of a particular private key, an encrypted message or stream may be encrypted using the corresponding public key. The access right may give a device the ability to unlock the use of an application or suite of applications on a computing device; for instance, the device may be able to access communication sites concerning classes. The user may be able to access music on a cloud service or on a local computing device. The device may be able to access streaming media over a network if in possession of the access right. The access right may give the device the ability to lock out or allow entry to certain people peer-to-peer (P2P) network and to those files. The access right may control the ability of a user or IOT device to access an application programming interface (API). The access right may control access to a particular file or set of files; for instance, the access right may lock access to confidential information, or information that could be used for identity theft, such as passport, social security, birth certificate data, permit data, data concerning licenses, data concerning escrowed property, legal documents such as wills, settlements or divorce decrees, or electronic access to physically locked devices such as safe-deposit boxes or the doors to vehicles or buildings.

In one implementation, a processor coupled to the body and associated with a blockchain with a blockchain address, the processor accessing a digital key in trusted memory to securely sign a blockchain transaction for a contract stored on a decentralized ledger, wherein the processor to stores events on the blockchain relating to identity. The identity is used for accessing a computer, building or equipment.

In another implementation, a method for authentication by an IOT device, the method comprising: receiving, by the IOT device, from a first entity a private key; retrieving from an audit chain a transaction to an address associated with a public key corresponding to the private key; and authenticating the first entity. Then the IOT device can securely update with code from the first entity, or receive data from the first entity.

FIG. 14A shows an exemplary smart contract agent running in electronic agents that carry out transactions. The same agent is also judge agent, arbitrator agent, and jury agents who have to resolve machine to machine contractual disputes. Agent technology is used for developing such systems that situates and operates in a dynamic and heterogeneous environment. An agent is an autonomous software entity that is situated in some environment where it can monitor and response to changes proactively or reactively by itself or through communication with other agents to persistently achieve certain goal/task on behalf of user or other agents. These agents can form contract with other agents and use the smart contract framework discussed above for ensuring certainty in executing their tasks.

Expert (knowledge) systems contain two basic elements: inference engine and knowledge base. The knowledge base holds all information related to the tasks at hand: the rules and the data on which they will be applied. The inference engine is a mechanism that can operate the information contained in the knowledge base. In a rule-based system, the knowledge base is divided into a set of rules and working memory (or database). Just like an IF-THEN sentence, each rule has two parts: a premise and a conclusion. A rule is said to be fired when the inference engine finds the premise is stored as TRUE in working memory (the knowledge base) and it incorporates the conclusion of the rule to the working memory (knowledge base) too. Working memory is the database contained in the knowledge base. This holds all facts that describe the current situation. Generally, the expert system will start with very few facts. These will expand as the system learns more about the situation at hand, and as far as some rules are executed. The inference engine or rule interpreter has two tasks. First, it examines facts in working memory and rules in the rule base, and adds new facts to the database (memory) when possible. That is, it fires rules. Second, it determines in what order rules are scanned and fired. The inference engine can determine the order in which rules should be fired by different methods such as forward chaining, backward chaining, breadth- or depth-wise scan techniques, etc. Applications that use forward chaining, such as process control, are called data-driven. Applications that use backward chaining are called goal-driven. Forward chaining systems are typically used where relevant facts are contained in small sets and where many facts lead to few conclusions. A forward chaining system must have all its data at the start, rather than asking the user for information as it goes. Backward chaining should be used for applications having a large set of facts, where one fact can lead to many conclusions. A backward-chaining system will ask for more information if needed to establish a goal.

In addition to expert systems, a pattern recognizer called neural networks can be used. Neural networks attempt to mimic the human brain by “learning” different sets of stimulus patterns (such as medical symptoms) and their associated responses (diagnoses). Incomplete and/or overlapping sets of stimuli can be presented to the neural network, which can then return several responses matching those stimuli using probability weightings to produce an ordered list of responses. Each neural network problem session contains a set of defined stimuli, a set of defined responses, and a set of relationships between specific groups of stimuli and the response that each group is to produce. The set of stimuli (responses) is represented by a group of stimulus (response) nodes at what is called the “input (output) layer.” Then, there is usually one or more intermediate layers, containing nodes that are each linked to every input layer node and every output layer node in the network. The number of the middle layer nodes is usually equal to the average of the number of input and output nodes. Probability values (weights) are then associated with each of these connections and are constantly being updated as the network “learns” new information.

Further, when a planning agent works in a complex, real-world domain, it is unable to plan for and store all possible contingencies and problem situations ahead of time. The agent needs to be able to fall back on an ability to construct plans at run time under time constraints. Thus, a system for performing dynamic planning at run time is needed.

Turning now to FIG. 14A, one smart assistant agent with smart contracting capability is illustrated in more detail. The agent is software based agent. In FIG. 14A, one or more sensors 180 receives incoming information. The sensors ISO in turn transfer the data to an enactor 181. The enactor 181 in turn makes a decision based on its current situational data, as captured by sensors 180. The enactor 181 then drives an actuator 182. In addition to receiving data from the sensor 180, the enactor 181 also receives instruction from a predictor/goal generator 184, which in turn is connected to a general knowledge warehouse 183. The external data sensed by the sensor 180 is also delivered to both the warehouse 183 and the predictor/goal generator 184. Additionally, both the warehouse 183 and the predictor/goal generator 184 are connected to a plurality of specialist knowledge modules, including a scheduler 185, an information locator 186, a communicator 187, a form filler 188, a trainer 189, a legal expert 190, a medical expert 191 and additional experts 192. The knowledge warehouse 183 has a representation for the user's world, including the environment, the kind of relations the user has, his interests, his past history with respect to the retrieved documents, among others. Additionally, the knowledge warehouse 183 stores data relating to the external world in a direct or indirect manner to enable to obtain what the assistant needs or who can help the electronic assistant. Further, the knowledge warehouse 183 is aware of available specialist knowledge modules and their capabilities since it coordinates a number of specialist modules and knows what tasks they can accomplish, what resources they need and their availability. The smart electronic or on-line assistant agent can issue smart contracts detailed above to optimize cost or operational efficiency on behalf of its master which can be another electronic smart agent or a human master.

In FIG. 14A, the protocol is processed by an expert system or a computer system that emulates the decision-making ability of a human judge, arbitrator or legal expert. Expert systems are designed to solve complex problems by reasoning about knowledge, represented mainly as if-then rules rather than through conventional procedural code in one implementation. The expert system is divided into two subsystems: the inference engine and the knowledge base. The knowledge base represents facts and rules. The inference engine applies the rules to the known facts to deduce new facts. The implementation of FIG. 14A has a plurality of knowledge modules to apply contract laws and run inferences on the facts. The expert system of FIG. 14A can have the following modules to honor smart contracts:

I. Formation of Contracts: Contract is an agreement that is legally enforceable.

A. Offer:

1. General test: An offer is a manifestation of an intention to contract. Absent hacking or malware in an Offeror machine, the Offeree (recipient) machine would believe that its answer or assent creates a contract.

2. Specific Pattern Handling

a) Content:

(1) Generally, offer is not required to contain all material terms as long as they can be looked up or verified in a central repository, however, some terms are necessary.

(2) Sale of real estate: requires price and description.

(3) Sale of goods: no price requirement.

(4) Vague or ambiguous material terms are not an offer

(5) Production contract/output contract/requirements contract: A contract for the sale of goods can state the quantity of goods to be delivered under the contract in terms of the buyer's requirements or Seller's output.

(6) An advertisement can be an offer if it is specific as to quantity and indicates who can accept.

(7) Termination of Offers (4 methods) an offer cannot be accepted if it has terminated.

(a) Lapse of Time: Stated expiration date or reasonable time (30 days is usually the reasonable time).

(b) Revocation (words or conduct of Offeror machine):

(i) When:

(a) Revocation of an offer sent through SMS, email, chat message, or mail is not effective until received.

(b) An offer cannot be revoked after it has been accepted.

(c) Generally offers can be freely revoked by the Offeror machine except when the Offeror machine promised to keep the offer open (option) and this promise is supported by consideration.

(d) An offer cannot be revoked for up to 3 months if

(i) Contract is for sale of goods

(ii) A confirmation specifically to keep the offer open for 3 months is the ceiling even if the written contract says 6 months, and

(iii) Party is a merchant.

(e) Merchant: An agent/computer for an entity who deals in the type of goods involved in a transaction or holds themselves out as having special knowledge in the goods.

(i) An offer cannot be revoked if there has been a detrimental reliance by the Offeree machine that is reasonably foreseeable.

(ii) The start of performance pursuant to an offer to enter into a unilateral contract makes that offer irrevocable for a reasonable time to complete performance.

(f) Unilateral: (e.g. Offeror machine offers Purchaser $1,000 if Purchaser modifies an object in virtual or augmented reality, Purchaser starts the work. Offeror machine cannot revoke.)

(g) Performance, not mere preparation: (e.g. If Purchaser only orders codes for modifying the virtual object and has not started, then Offeror machine can still revoke.)

(c) Rejection (words conduct of the Offeree machine):

(i) Counteroffer: Counteroffer terminates the offer and becomes a new offer.

(ii) Conditional acceptance: A conditional acceptance terminates the offer and becomes a new offer.

(iii) Indirect Rejection: Additional terms

(iv) Alternative module 1: Mirror image rule, an “acceptance” that adds new terms is treated like a counteroffer rather than an acceptance.

(v) Alternative module 2: Still acceptance with seasonal expression of acceptance. A fact pattern in which there is 1) an offer to sell goods and 2) a response with additional terms raises 2 separate analysis modules:

(a) Is there a contract: Generally yes, because a response to offer that adds new terms is generally treated as an acceptance with a “seasonal expression of acceptance”

(b) Is the additional term a part of the contract:

(c) If both machines are agents for merchants, the additional term is a part of the contract except 1) the additional term is not a part of the contract if he materially changes the offer or 2) if Offeror machine objects to the change.

(d) If one or both machines are not agent for merchant, the additional term is merely a proposal that is to be separately accepted or rejected.

B. Acceptance of an Offer

1. An offer can be accepted only by

a) A recipient computer who knows about the offer by direct communication, message board or a search of the Internet

b) Who is the recipient to whom offer was made? Offers cannot be assigned; options can be assigned.

2. Methods of Accepting an Offer

a) Offeree machine starts to perform: Start of performance is acceptance of an offer to enter into a bilateral contract but is not acceptance of an offer to enter into a unilateral contract.

(1) Bilateral: Offer is open as method of acceptance so start of performance is acceptance.

(2) Unilateral: Offers require performance for acceptance so that start of performance is not acceptance; completion of performance is required.

The start of performance pursuant to an offer to enter into a unilateral contract makes that offer irrevocable for a reasonable time to complete performance. Offeror machine is locked, but Offeree machine is not.

b) Offeree machine promises to perform

c) Offeree machine sends acceptance through the mails:

(1) Generally, if an offer is “invited” to accept by texting, SMS, email, chat communication, or printed/mailed, acceptance is effective when posted (emailbox rule)

(2) Except:

(a) Offer otherwise provides

(b) Rejection, then acceptance, then no emailbox rule, so whichever arrives first controls.

(c) Option deadlines: Mailbox rule is inapplicable: When deadline is specified in an option (promise to keep open with consideration), acceptance must be received by that date, no emailbox rule.

(3) If the seller of goods sends the “wrong goods”:

(a) Generally, this will amount to acceptance and breach

(b) Except: When goods come with Accommodation (letter with explanation): Counteroffer and no breach

(4) If Offeree machine is silent: Silence is not acceptance except if offer agrees that silence is acceptance (e.g. if you do not hear from me by Friday, I accept).

C. Consideration or a Consideration Substitute

a) Performance; e.g. doing something not obligated to do

b) Forbearance; e.g. not doing something entitled to do

c) Promise to perform: Has to be in good faith

d) Promise to forbear: Has to be in good faith

2. Adequacy of consideration: Look for consideration in modification.

a) Mutuality of obligation: Unless both parties to a contract are bound to perform, neither party is bound.

b) Implied promises: Promises made without words such as by boarding a bus or ordering a meal, the person impliedly promises to pay

c) Disproportionate exchanges: Give up something of nothing is not a valid consideration

3. Partial payment as consideration for promise to give balance of debt: Not yet due or disputed: Agree to take payment when it is not yet due, or when he has disputed, may constitute a consideration for release.

D. Defenses:

1. Capacity to contract: hacked machine or unknown software bug leading to abnormal contract terms

a) Consequences of incapacity

(1) Right to disaffirm by computer without capacity

(2) Implied affirmation makes the contract enforceable against the machine benefiting from the contract obligations even if machine was incapacitated

(3) Liability for necessity—if machine needed for survival (source of energy, shelter from weather, for example)

2. Statute of Frauds (SOF) check for

(a) A service contract not capable of being performed within one year from the time of contracting (comes up in 5 fact patterns)

(i) Time of performance (date of start: Assume can be done in 1 day) is more than one year from the date of contracting: SOF applies since performance cannot be finished in 1 year

(ii) Employment for one year, but start after date of contracting: SOF applies

(b) Transfer of an interest in real estate for a term of more than 1 year

(i) Includes: Permanent (or anything greater than 1 year) sales of land, easements, and leases.

b) If SOF is applied, is it satisfied?

(1) “Satisfied”, here, means there is no defense on the basis of the SOF, because the agreement is enforceable on the following satisfaction of the SOF: E.g. via performance or a writing in the following circumstances

(2) 3 Methods for satisfying the SOF (eliminating SOF defenses):

(a) Performance: Rules vary depending on the type of contract

(i) Services contracts

(a) Full performance by either party satisfies the SOF

(b) Part performance does not satisfy the SOF (there still exists a SOF defense against enforcing the contract).

(ii) Sales of Ordinary Goods: Part performance of a contract for sale of goods satisfies the SOF, but only as to the extent of the part performance (can sue for payment for what was actually delivered, but not on the undelivered remainder of the contract—still a SOF defense to that).

(iii) Sales of Specialized Goods: As an exception to the above rule, if the contract is for goods that are “specially manufactured” then the SOF is satisfied as soon as the seller makes a “substantial beginning” in making or obtaining the goods

(iv) Real Estate Contacts: Need 2 out of following 3 to satisfy the SOF on performance grounds (completion of just 1 is not enough: Still a defense on SOF grounds):

(a) Payment of (at least part) of purchase price

(b) Transfer of possession

(c) Making improvements to the land

(b) A Written Instrument (e.g. a writing) that meets the following will satisfy the SOF (will eliminate any SOF defense):

(i) For any contract other than for UCC2 goods

(a) Look to the writing(s) and see if all the material terms are identified:

(i) Who are the parties to be bound

(ii) What is the extent of their obligation

(b) The party to be charged (the D) signed the writing even if the other party (P) did not sign

(ii) For a UCC2 2 (goods) contract

(a) Writing must contain the quantity term

(b) Party to be charged (D) must have signed the writing

(i) Exception: If both parties are merchants, and one receives a signed writing (by the P) with a quantity term that claims there is a contract, the party to be charged must respond within 10 days of receipt: If not, the SOF defense for the D will be lost (contract enforceable)

(c) Judicial Admission of Sale of Goods Agreement: This is essentially an admission (by the party to be charged) that there was an agreement: Comes through pleadings, discovery

3. SOF related Issue

a) Authorization to enter into contract for someone else: When does a person need a written authorization in order to execute a contract for someone else? The authorization must be in writing if the contract to be signed is within the SOF. E.g. the authorization must be of “equal dignity”.

b) Contract Modification: When does a modification of a contract have to be in writing? If the contract, with the modification, is within the SOF, the modification must be inwriting.

C) Contract Provisions: Under Common Law, contract provisions requiring that all modifications be in writing are ignored; under the UCC2, such provisions control unless waived.

E. Illegality, Misrepresentation, Duress

1. Illegal Subject Matter/Illegal Purpose: If the subject matter is illegal, the agreement is void. If the subject matter is legal but the purpose is illegal, the agreement is enforceable only by the person who did not know of the illegal purpose.

2. Misrepresentation:

a) Misrepresentation is a false assertion of fact, or concealment of facts.

b) Misrepresentation as to terms of contract is voidable. (A says house does not have termites when it does); Misrepresentation as to nature of contract is void (A tells B this is a lease agreement when it is a purchase agreement:Void)

c) Common Issues:

(1) Fraudulent or Material: Seller truly believes house has no termites, then he has just material but not fraudulent.

(2) Reliance: Relied on inspector and not the seller's statement, then seller does not have misrepresentation.

(3) Duress: Elements include one party (D) with improper threat and one party (P) with no reasonable alternative (in a vulnerable situation), and the 2 parties entered into an agreement. Then he has a defense to contract.

3. Unconscionability:

a) This doctrine, originally only applicable to sales of goods but now a part of contracts law generally empowers a court to refuse to enforce all or part of an agreement.

b) The 2 basic test, unfair surprise and oppressive terms, are tested as of the time the agreement was made (if he was fair at the time he has made, even if he becomes unfair later, he has deemed fair) by the court.

4. Ambiguity: There will be no contract if

a) Parties use a material term that is open to at least 2 reasonable interpretations, and

b) Each party attaches different meaning to the term, and

c) Neither party knows, or has reason to know meaning attached by other. (If one party knows, then there is a contract with the interpretation of the ignorant party.)

5. Mistake of Fact:

a) Mutual mistakes of material fact; no contract if

(1) Both parties mistaken

(2) And basic assumption of fact materially affects the agreed exchange (e.g. as to what he is=unenforceable; as to what he has worth=enforceable)

(3) No mistake of fact if both parties assumed the risk

b) Unilateral Mistake of Material Fact:

(1) Generally, courts have been reluctant to allow a party to avoid a contract for a mistake made by only one party

(2) Except, when there is

(a) Palpable mistakes: If the other party knows or should have known the mistake, courts grant relief to the mistaken party

(b) Mistakes discovered before significant reliance by the other. (can get out of contract)

II. Terms of Contract (Parol Evidence Rule and Interpretation)

A. Parol Evidence Rule:

1. General Rules:

a) Written contract as the source of contract terms has an exclusionary effect on earlier or contemporaneous agreements as a possible source of terms of the contract.

b) Written agreement that court finds is the final agreement, oral statement made at the time the contract was signed, or earlier (not later) oral or written statements by the parties to the contract trigger the Parol evidence rule.

2. Terms:

a) Partial integration: Written and final, but not complete

b) Complete integration: Written and final and complete

c) Merger clause: Contract clause such as “This is the complete and final agreement”

3. Interpretation:

a) Despite Parol Evidence Rule, earlier agreements can be considered to resolve ambiguities in the written contract.

b) The Parol evidence rule prevents a court from considering earlier agreements as a source of consistent, additional terms unless the court finds that the written agreement was only a partial integration.

c) Even if the writing is a complete integration, a court can still consider evidence of earlier agreements for terms that would “naturally and normally” be in a separate agreement. (sale of goods contract mentioning ads, because ads are usually in a separate contract)

d) Regardless of whether the writing is a complete or partial integration, the Parol evidence rule prevents a court from considering earlier agreements as a source of terms that are inconsistent with the terms in the written contract. A court, may, however, consider evidence of such terms for the limited purpose of determining whether there was a mistake in integration, e.g. a mistake in reducing the agreement to writing.

B. Other Sources of Terms

1. Other than words of parties, other sources of contract terms include:

a) Course of performance: Same people, same contract (in the beginning of the contract did something, can use that to establish same performance in the end should not be complained.)

b) Course of dealing: Same people, different contract (dealt in another contract before)

c) Custom and usage: What is accepted in the industry? E.g. Time is ordinarily not of the essence in a land-sale contract, so delay in delivery is not breach

C. UCC2 Terms Interpretation:

1. Delivery Obligations of Seller of Goods:

a) Absent an agreement as to place of delivery then the place of delivery is the seller's place of business unless both parties know that the goods are somewhere else in which case that place is the place of delivery.

b) If an agreement as to place of delivery is there, then the question is what does the seller have to do to complete its delivery obligation?

(1) Shipment Contract:

(a) FOB (free on board city) FOB followed by city where the seller is means shipment contract.

(b) Seller completes its delivery obligation when he

(i) Gets the good to a common carrier

(ii) Makes reasonable arrangement for delivery

(iii) Notifies the buyer

(2) Destination Contract

(a) FOB followed by city where the buyer is means destination contract.

(b) Seller does not complete its delivery until the goods arrive where the buyer is.

2. Risk of Loss

a) Issues arise when:

(1) After contract has been formed, but before the buyer receives the goods

(2) The goods are damaged or destroyed and

(3) Neither the buyer nor the seller is to blame

b) 4 ROL rules:

(1) Agreement: Agreement of the parties controls.

(2) Breach: Breaching party is liable for any uninsured loss even though breach is unrelated to problem.

(3) Delivery by common carrier (not seller): Risk of loss shifts from seller to buyer at the time that the seller completes its delivery obligations.

(4) No agreement, no breach, no delivery by a carrier

(a) Key Issue: Is seller (not buyer) a merchant.

(i) Seller-Merchant: ROL shifts on buyer's receipt of the goods.

(ii) Non-Merchant-Seller: ROL shifts to buyer when he tenders the goods (makes the goods available).

c) Warranties of Duality: Watch for Parol evidence issues in warranty questions.

(1) Express:

(a) Words: Looks for words that promise, describe or state facts (not simply puffing, like opinions) (e.g. machine is made of steel vs. machine is well-made)

(b) Samples or models: Use of sample or model creates a warranty that the goods the buyer receives will be like the sample or model.

(2) Implied warranty of merchantability: When buying from a merchant, a term is automatically added to the contract by operation of law: That the goods are fit for the ordinary purpose for which such goods are used.

(a) Triggering fact: Seller is a merchant who deals in goods of that kind.

(b) Warranty: Goods are fit for ordinary purposes.

d) Implied warranty of fitness:

(1) Triggering fact: Buyer has particular purpose; buyer is relying on seller to select suitable goods, seller has reason to know of purpose and reliance.

(2) Warrant: Goods fit for particular purpose.

e) Contractual Limitations on Warranty Liability

(1) Disclaimer: May eliminate implied warranties (so if sold sample, signed contract with disclaimer, the warranties came with sample cannot be disclaimed)

(a) Express warranties: Cannot be disclaimed

(b) Implied warranties of merchantability and fitness:

(i) “as is” or “with all faults” or

(ii) Conspicuous language of disclaimer, mentioning “merchantability”

(2) Limitation of remedies: (e.g. warranty liability shall be limited to) does not eliminate warranty, simply limits or sets recovery for any breach of warranty: Possible to limit remedies even for express warranties.

(a) Test: Generally, the limit cannot be unconscionable (court standard)

(b) Prima facie unconscionable: If breach of warranty on consumer goods causes personal injury.

III. Conditions and Performance

A. Conditions of Performance:

1. A condition is a part of the contract, agreed to by both parties. A conditional acceptance is a part of the response to the offer, agreed to only by the Offeree machine.

2. Vocabulary of performance conditions

a) True condition: An event beyond the influence of either of the parties to the contract that affects the duty to perform. Condition coupled with a covenant: An event that is to some extent within the influence of one of the parties to the contract that affects the duty to perform.

b) Condition Precedent: Must occur precedes performance. Condition Subsequent: Must not occur during performance.

c) Express Condition: Created by language of contract. (words like “if”, “provided that”, “so long as”, “subject to”

d) Constructive Condition: Created by operation of law, are keyed to order of performance.

3. What is the standard for satisfying a condition?

a) Express conditions: Strict compliance with express conditions.

b) Constructive Conditions: Substantial performance standard.

(1) Substantial performance standard example: Writing says “all pipes must be gold”, but Seller installs silver pipe. Although the words “must be” are included in writing, they are no magic words for express condition. Therefore, upon installation, it is substantial performance. For constructive conditions, Buyer will pay the damages.

(2) Divisible contract and the substantial performance rule: If the contract itself divides the performance of each party into the same number of parts with each part performance by one party serving as consideration for the corresponding part performance by the other, then the contract is a divisible contract and the substantial performance test is applied to each divisible part of the contract.

4. How can an express condition be excused? Identify 1) who benefits from the condition? 2) Statement is made by the person giving up the benefit.

a) Estoppel or waiver:

(1) Estoppel is based on a statement by the person protected by the condition before the conditioning event was to occur and requires a change of position.

(2) Waiver: Based on a statement by the person protected by the condition after the conditioning event was to occur and does not require a change of position.

b) Failure to cooperate under a condition coupled with a covenant: (S contracts to sell his house to B for $10; contract provides that the sale needs B to have mortgage, B made no effort to obtain a mortgage. S can sue B if B refuses to buy the house)

B. Sale of Goods Performance Concept

1. Perfect tender: Generally, the seller is obligated to deliver perfect goods.

2. Cure: Seller who fails to make a perfect tender will be given a “second chance”, an option of curing, when

a) Time for performance has not yet expired

b) Time for performance has expired

c) Rejection of the goods: Rejection of the goods must occur before acceptance of the goods (no contract). If the goods are less than perfect, the buyer has the option to reject unless it is an installment sales contract.

d) Installment sales of contract: An installment sales contract requires or authorizes 1) delivery in separate lots 2) to be separately accepted; generally, the buyer has the right to reject an installment only where there is a substantial impairment in that installment that cannot be cured.

e) Acceptance of the goods:

(1) 3 scenarios

(a) Express of acceptance is acceptance

(b) Payment without inspection is not acceptance

(c) Implied acceptance-retention after inspection without objection. (30 days or more usually is the magic number that if the buyer kept the good without objection)

(2) Effect of acceptance: If the buyer accepts the goods, he cannot later reject them.

f) Revocation of acceptance of the goods: Generally, if a buyer accepts the goods, buyer cannot later reject them. In limited circumstances, a buyer can effect a cancellation of the contract by revoking his acceptance of the goods.

(1) Nonconformity substantially impairs the value of the goods, and

(2) Excusable ignorance of grounds for revocation or reasonable reliance on seller's assurance of satisfaction, and

(3) Revocation within a reasonable time after discovery of nonconformity.

g) Other Requirements and Consequence of rejection of the goods and revocation of acceptance of the goods:

(1) Requirements

(a) Reasonably notify seller

(b) Hold the goods for seller

(c) Follow reasonable seller instructions

(2) Consequences

(a) Goods back to seller

(b) No buyer payment obligation

h) Buyer's payment obligation:

(1) Generally, buyer needs to pay cash unless otherwise agreed

(2) Buyer can pay by check and

(3) Seller does not have to take the check but that gives the buyer an additional reasonable time.

IV. Excuse of Nonperformance (Discharge of Contractual Duties)

A. Failure of Condition: If a party's duty to perform is conditional, failure of the condition excuses the duty to perform.

B. Other Party's Breach:

1. Excuse in sales of goods: If the tender is less than perfect, the buyer can reject the goods and withhold payment—the buyer is excused from paying.

2. Generally, only substantial performance. If one party to a contract substantially performs, the other party is required to perform. A minor breach, however, will not excuse performance by the other party. Therefore, only material breach is an excuse for the other party.

3. Excuse by anticipatory repudiation or inability to perform:

a) Anticipatory Repudiation (AR) is a statement that 1) the repudiating party will not perform 2) made prior to the time that performance was due. AR by one party excuses the other party's duty to perform.

b) It also generally gives rise to an immediate claim for damages for breach.

(1) AR can be reversed or retracted so long as there has not been a material change in position by the other party.

(2) If the repudiation is timely retracted, the duty to perform is reimposed but performance can be delayed until adequate assurance is provided.

4. Excuse by Reason of a Later contract:

a) Rescission (cancellation) the key is whether performance is still remaining from each of the contract parties. (Usually too late if one party has already completed the work)

b) Accord and Satisfaction:

(1) Accord is an agreement by the parties to an already existing contract that the same parties will do something different that will extinguish or “satisfy” that existing obligation

(2) Satisfaction is performance of the accord.

(3) Effect of Accord and Satisfaction: The accord suspends legal enforcement of the original obligation so to provide time to perform the accord.

(4) Effect of no satisfaction: If the accord is not performed, then the other party can sue on either the original obligation or the accord.

c) Novation:

(1) Novation is an agreement between both parties to an existing contract to the substitution of a new party. E.g. same performance, different parties.

(2) Novation excuses the contracted for performance of the party who is substituted for or replaced.

(3) Novation requires the agreement of both parties to the original contract and excuses the person replaced from any liability for nonperformance. Delegation does not require the agreement of both parties and does not excuse.

5. Excuse of performance by reason of a later, unforeseen event

a) Performance/Contractual duties (other than a contractual duty to pay money) can be excused under impossibility/impracticability or frustration of purpose.

(1) Something that happens after contract formation but before the completion of contract performance.

(2) That was unforeseen

(3) That makes performance impossible or commercially impracticable or frustrates the purpose of the performance.

V. Remedies

A. Punitive Damages: Punitive damages are not generally recoverable for breach of contract.

B. Liquidated Damages:

1. Contract can stipulate damages or method of fixing damages. A contract cannot provide for penalty.

2. 2 general tests for determining whether a contract provision is a valid liquidated damages clause or an invalid penalty provision

a) At time of contract, the amount of possible damages from any later breach of contract is difficult to determine and

b) At time of contract, the contract provision is a reasonable forecast of possible damages.

C. Damages Rules for Ordinary Contracts

1. Generally, the injured party is entitled to recover an amount that would put him in as good a position as if the contract had been performed.

2. Additions and Limitations:

a) Plus foreseeable consequential damages: The injured party can also recover for consequential or special damages that were in reasonable contemplation of both parties at the time of the contract.

b) Plus incidental damages: The injured party can also recover costs he incurs in dealing with the breach.

c) Minus avoidable damages: No recovery for loss that can have been avoided by appropriate steps. Burden of Proof of avoidability is on the defendant.

D. Damages Rules for Sales of Goods:

1. When Seller breaches, and buyer keeps the goods: Buyer gets fair market value if perfect

fair market value as delivered. (E.g. S sells B an antique car for $30,000, the car is defective. B keeps the car and sues for breach of contract. The jury finds the car as delivered, although defective, still worth $20,000 dollars. Had the car been delivered as it should, it would have been worth $34,000. B can recover $34,000 (if perfect deliver): $20,000 (actual delivered)=$14,000)

2. When Seller breaches, and seller keeps the goods: Buyer gets the market price at time of discovery of the breach: contract price or replacement price-contract price.

3. When Buyer breaches and buyer has the goods: Seller can get the contract price.

4. When Buyer breaches and seller has the goods: Seller can get (contract price-market price at time and place of delivery) or (contract price-resale price) and, in some situations, provable lost profits.

E. Duasi-Contract and Reliance:

1. Unjust enrichment: Not based on contract law. A party should pay for the benefit and value of service and materials received. A promised gift does not count unless injustice can be avoided only by such enforcement.

2. Reliance damage: Reliance damages are valued by a party's reliance interest for the foreseeable amount. It puts the injured party in the same dollar position as if the contract never happened.

F. Nonmonetary Remedies: When remedy at law is inadequate

1. Specific Performance/Injunction: Equitable remedy. Unclean hands, adequacy of remedy at law, etc.

a) Contracts for sale of real estate

b) Contract for sales of unique goods like 1) antiques, 2) art, 3) custom-made (e.g. So car for example, would usually not qualify for specific performance because it is not unique)

c) Contract for services: No specific performance, possible injunctive relief.

2. Adequate Assurance of Future Performance; look for:

a) One party to contract learning something after the contract that gives him reasonable grounds for insecurity about the other party's performance, and

b) A written demand for adequate assurance.

3. Reclamation: Right of an unpaid seller to get its goods back. Key elements:

a) The buyer must have been insolvent at the time that he received the goods, and

b) That seller demand return goods within ID days of receipt

c) Buyer still has goods at time of demand

4. Stopping Goods in Transit or Recovering Goods in Storage if Buyer is Insolvent

5. Rights of good faith purchaser in entrustment:

a) If the owner leaves his goods with a person who sells goods of that kind

b) And that person wrongfully sells the goods to a third party

c) Then such a good faith purchaser from dealer cuts off rights of the original owner/entruster.

VI. Third Party Beneficiary Problems

a) Third party beneficiary: Not a party to the contract. Able to enforce contract others made for his benefit.

b) Promisor: Look for person who is making the promise that benefits the third party.

c) Promisee: Look for person who obtains the promise that benefits the third party

d) Intended/Incidental: Only intended third party beneficiary has rights. Intended third party beneficiary will be named in the contract.

e) Creditor/Donee: Intended beneficiaries are either Donees, or creditors. Usually Donees. Look at whether beneficiary was a creditor of the Promisee.

(1) For creditors: Need prove on debt of promise to credit or beneficiary.

(2) For Donee: Need a named beneficiary.

2. Dealing with Efforts to Cancel or Modify: The test is whether the third party knows of and assents to the contract. If the third party beneficiary has assented to or relied on the contract, his rights have vested and the contract cannot be canceled or modified without his consent unless the contract otherwise provides.

a) Who can sue whom:

(1) Beneficiary can sue Promisor: If pass the assents and knows test

(2) Promisee can sue Promisor: Third party beneficiaries are not replacement beneficiary, first 2 parties are still there.

(3) Donee beneficiary cannot sue promise but creditor beneficiary can:

3. Defenses: If the third party sues the Promisor, the Promisor can assert any defense that he would have had if sued by the Promisee. (So any defense between the 2 parties can be used by Promisor when sued by third party beneficiary.)

B. Assignments of Rights:

1. Assignment is: Look for

a) Contract between only 2 parties

b) One of the parties' later transfers of rights (not duty) under that contract to a third party.

c) Vocabulary:

(1) Assignor: Party who transfers right to another

(2) Assignee: Not a party to the contract. Able to enforce the contract because of the assignment.

(3) Obligor: Other party to the contract.

2. Limitations on Assignment:

a) Contract Provision: Determine whether contract

(1) Prohibits assignments or: Language of prohibition (e.g. rights are hereunder not assignable) takes away the right to assignment but not the power to assign which means that the assignor is liable for breach of contract but an assignee who does not know of the prohibition can still enforce the assignment.

(2) Invalidates assignments: Language of invalidation (e.g. all assignments are void) takes away both the right to assign and the power to assign so that there is a breach by the assignor and no rights in the assignee.

b) Common Law: Even if a contract does not in any way limit the right to assign. Common law bars an assignment that substantially changes the duties of the obligor.

(1) Assignment of right to payment: Permitted

c) Assignments of other performance rights:

(1) Not permitted

(2) Example: A assigns his right to security services to B so that C will now provide security services to B is not permitted.

d) Requirements for Assignment:

(1) Language has to be present: I assign, cannot be I will or I promise to assign

(2) Consideration, generally, is not required

e) Right of Assignee:

(1) Assignee can sue the obligor

(2) Obligor has same defenses against assignee as he would have against assignor.

(3) Payment by obligor to assignor is effective until obligor knows of the assignment.

(4) Modification agreement between obligor and assignor is effective if obligor did not know of assignment.

f) Multiple Assignments:

(1) Gratuitous assignment: Generally, last assignee wins; however, such a gift assignment can be freely revoked. Revocation can be accomplished directly or indirectly by bankruptcy, death, the assignor taking performance directly from the obligor, or the making of another assignment. Since the later gift assignment revokes an earlier gift assignment, without consideration, last in time rule applies and last assignee wins.

(2) Assignment for Consideration: Generally, first assignee for consideration wins, except

(a) A subsequent assignee takes priority over an earlier assignee for value only if he both

(i) Does not know of the earlier assignment and

(ii) Is the first to obtain payment, a judgment, a novation, or indicia of ownership?

(b) Multiple assignments for consideration as breach of warranty: In an assignment for consideration, the assignor makes a warranty that the rights assigned are assignable and enforceable.

C. Delegation of Duties to Agents or Sub-Agents:

1. Delegation is: Party to a contract transferring work (not right) under that contract to third party. (e.g. P contracts to paint 0's virtual house for 1000 bitcoins, then P has a duty to paint and a right to payment and 0 has a duty to pay and a right to the painting of the virtual house)

2. Duties Are Delegable:

a) Generally, contractual duties are delegable.

b) Limitations are 1) contract prohibits delegations or prohibits assignments or 2) contract calls for very special skills or 3) person to perform contract has a very special reputation (e.g. Mariah Carey cannot just delegate her duty to sing at Emmy's tome).

3. Requirements for delegation: Essentially none.

a) Consideration not required, but no legal obligation on Delegatee unless there is consideration.

b) Consent of other party to the original contract not required for delegation.

4. Consequences of Delegation:

a) Delegating party remains liable

b) Delegatee liable to Obligee only if he receives consideration from delegating party.

In one embodiment, security interests can be created by the electronic selling agents (creditor agents) who provide value to buying electronic agents (debtor agents) for particular resources or data access. In one embodiment, the UCC tangible collateral category are used against 1) inventory, 2) equipment, 3) consumer goods, and 4) farm products. The system includes attachment code with 1) a security smart contract, 2) debtor agent has rights in the collateral, and 3) creditor agent gives value. The blockchain title is used to avoid the situation where the debtor agent has given more than one security interest, the collateral has been transferred, or against a bankruptcy Trustee. Attachment establishes the creditor's rights against the debtor and is necessary for the secured party to repossess the collateral or related proceeds from the debtor. Security Agreement is an authenticated blockchain record authenticated by debtor, reasonably identify the location and use of the collateral good or data.

The system includes code to assert a purchase money security interest (PMSI) by mere attachment for certain goods such as consumer goods. The blockchain is used for perfection to protect the creditor agent against third parties. Perfection can be accomplished through 1) possession 2) control 3) filing 4) mere attachment, or 5) title certificate. Filing of a financing statement is at the location of the debtor. Filing of the security interest on the blockchain gives constructive notice to all and is effective at the time of filing.

The agent or assistant automatically schedules and executes multiple information retrieval tasks in accordance with the user priorities, deadlines and preferences using the scheduler. The scheduler analyzes durations, deadlines, and delays within its plan while scheduling the information retrieval tasks. The schedule is dynamically generated by incrementally building plans at multiple levels of abstraction to reach a goal. The plans are continually updated by information received from the assistant's sensors, allowing the scheduler to adjust its plan to unplanned events. When the time is ripe to perform a particular search, the assistant spawns a child process which sends a query to one or more remote database engines. Upon the receipt of search results from remote engines, the information is processed and saved in the database. The incoming information is checked against the results of prior searches. If new information is found, the assistant sends a message to the user. While the result of the search is displayed to the user, his or her interaction with the search result is monitored in order to sense the relevancy of the document or the user interest in such search. Turning now to FIG. 14B, the routine to monitor the user interest is shown. In FIG. 14B, from step 340, the routine displays the next agreement or document found by the information locator. Next, in step 342, a timer is initialized to track the time taken to review the document displayed in step 341. In the event that the document is an HTML page with links, the routine detects whether the user has selected one of the links in step 343. If not, the routine calls a HyperText link (hyperlink) handler in step 344. From step 344, or from step 343 if the user has not selected the Hyperlink, the routine proceeds to step 345 where it checks if the user has reviewed all relevant agreements found during the search. If not, the routine loops back to step 341. Alternatively, in the event that the user has reviewed every document found during the instant search, the routine of FIG. 14B computes in step 345 the time the user spent on the entire review process, as well as the time spent on each document. Documents with greater user interest, as measured by the time spent in the agreement as well as the number of hypertext links from each agreement, are analyzed for new keywords and concepts in step 347. Next, the new keywords and concepts are clusterized using cluster procedures such as the k-means clustering procedure known in the art and the resulting new concepts are extracted in step 348. Next, in step 349, the query stored in the database is updated to cover the new concepts and keywords of interest to the user. In this manner, the procedure of FIG. 14B adapts to the user's interests and preferences on the fly so that the next interval search is more refined and focused than the previous interval search.

It should also be seen that it is within the scope of the system for any part or all of a package to be encrypted using the public key of the intended recipient, and this can be developed to produce useful additional services. Also, if it is required that a contract only be valid if held on a particular user's CMS, then it would be necessary to include a package in the contract that the user had to sign, requiring the use of the user's private key. A 3rd party CMS who wishes to further confirm the user's identity can check by asking the user to digitally sign a message at the time the 3rd party CMS is in communication with the user's CMS. If the user's public key decrypts the message and the same key works with the user's contract, then the user's identity is confirmed.

In the preferred embodiment, the rules at any nested level of sealed package within the contract indicate the party supplying the sealing signature at that level of the sealed package. It will be seen, however, that the rules at one level may in fact indicate the parties supplying the sealing signatures of any sealed packages contained in that one level. In the preferred embodiment, these can be associated with any URL within the rules indicating the location of any sealed packages. This, however, has the disadvantage that a sealed package would not have within itself an indication of the party who sealed it.

It should also be noted that, while the body and the database package content described above contain absolute information encapsulated within the contract, it is possible for the content of a contract to be relative. As mentioned above, with the increase in capabilities of smartcards, it is possible to largely rely on a CMS running in a smartcard, with the smartcard also holding a copy of a user's private key. With the smartcard connected to an unsecured terminal, a package of modest size can be passed into the smartcard CMS for signing and then returned.

In commercial terms, apart from royalties for each machine a CMS is installed on, the validation signature for a package represents the moment that a package becomes ‘official’ and offers revenue-earning opportunities. Any change in the package rules requires a new validation signature to be issued. By forwarding the partly completed package to a server on the Internet, along with payment, the server can complete the process and return the completed package.

The system can be used for IOT Micro-Insurance Claims processing. Insurance processors have to wade through fraudulent claims, fragmented data sources, or abandoned policies for users to state a few—and process these forms manually. Room for error is huge. The blockchain provides a system for risk-free management and transparency. Its encryption properties allow insurers to capture the ownership of assets to be insured. FIG. 14B shows an exemplary micro insurance system for IOT system. The IOT device can be any system such as robots or medical monitoring devices. In one example, the IOT device can also be a car, and the insurance can be adjusted for driver behavior, and such driver information is securely and immutably stored on the blockchain. In contrast to conventional insurance where one driver is assigned to one car, the system can be used to variably charge premium to different car renters who use smart cars, for example. In an embodiment for smart car micro rental insurance, at 4402, a driver monitoring unit with camera and acceleration sensors can be configured to monitor the behavior of the driver. The system can be configured to include the driver monitoring unit installed in the vehicle to monitor the behavior parameters of the driver while the vehicle is being driven. The IOT system can be a vehicle can include cameras, gyroscope, magnetometer, accelerometer, and other sensors installed thereon to monitor the behavior parameter of the driver. In an embodiment, the cameras or sensors may be placed at any place in the vehicle, such as for example at four corners of the front windshield, in a way that it can directly capture the behavior parameters of the driver. For example, based on the driver gestures, the cameras can detect finger position to detect that driver is pointing at a particular object or vehicle and searches the internet for the vehicle. Further, in an embodiment, a flexible display film adhesively secured on the front windshield. The display can be used controlled by a computer to display info in a discrete way that may not take driver's eyes off the road and opposing vehicles. In an embodiment, at 4404, the driver monitoring unit can be configured to transmit the behavior parameters of the driver to the server 4202. In an embodiment, the driver behavior parameters described herein can include for example, but not limited to, vehicle speed, vehicle accelerations, driver location, seatbelt use, wireless device use, turn signal use, driver aggression, detection of CO2 vapor, detection of alcohol, driver seating position, time, and the like. In an embodiment, at 4406, the server 4202 can be configured to transmit the driver behavior parameters to one or more insurance providers 4204. In an embodiment, at 4408, the server can be configured to analyze the driver behavior parameters and adjust the insurance rates for the driver. For example, if the driver is driving roughly by drinking alcohol then the insurance rate may get decreased. In an embodiment, at 4410, the server can be configured to match the driver behavior preferences with similar or substantially similar preferences of other drivers. The server can be configured to generate action recommendations best matching the behavior of the driver. In an embodiment at 4412, the server can be configured to provide the generated recommendations to the driver. Based on the driver behavior parameters the sever 4202 provides feedback and recommendations to the driver, such as to improve the driving skills. Further, in an embodiment, a flexible display film adhesively secured on the front windshield. The display can be used controlled by a computer to display info in a discrete way that may not take driver's eyes off the road and opposing vehicles. In an embodiment, at 4414, the server 4202 can be configured to frequently monitor the behavior parameters associated with the driver. Any changes in the behavior parameters can affect the overall system performance and the driver experience. The server 4106 can be configured to frequently monitor and dynamically update the insurance rate and action recommendations, which in turn helps the driver for effectively improving the driving skills.

Referring again to FIG. 14B, to method 4700 can be used for selectively providing car insurance information to a service provider, according to embodiments as disclosed herein. At step 4702, the driver behavior is monitored. The behavior data can include external parameters and/or internal parameters. In an embodiment, the driver behavior data/parameters described herein can include for example, but not limited to, vehicle speed, vehicle accelerations, driver location, seatbelt use, wireless device use, turn signal use, driver aggression, detection of ethanol vapor, driver seating position, time, and the like. In an embodiment, the behavior data can be over a period of hours, days, weeks, and so forth. In an embodiment, the behavior data gathering can be continuous, at predefined intervals, or at random intervals. In accordance with some aspects, data can be gathered while a vehicle is in operation and at other times (e.g., at two a.m. to determine where the vehicle is parked overnight). In an embodiment, a change to an insurance premium and/or an insurance coverage is prepared, at 4704. The change is based on one or more of the driver behavior data, wherein each item of driver behavior data can have a different weight assigned. For example, data gathered related to weather conditions might be given less weight than data gathered related to user distractions (e.g., passengers, use of a mobile device while vehicle is in operation, and so forth). In another example, excessive speed might be assigned a higher weight than data related to safety performance of the vehicle. As such, data with a higher weight can be given more consideration than data with a lower weight (e.g., data assigned a higher weight can have a greater impact on the cost of insurance). Thus, if the user is traveling at (or below) the speed limit and speed is assigned a greater weight, then the safe speed will tend to decrease (or remain constant) the cost of insurance. In an embodiment, the driver is notified of the change, at 4706. The notification can be in any perceivable format. In an example, the notification is provided as a dashboard-mounted display. In another example, presenting the change can include displaying the modified cost of the insurance policy in a dashboard-mounted display and/or a heads-up display. In an embodiment, a service provider is notified of the change, at 708. At substantially the same time as notifying the service provider (or trusted third party) of the change, parameters taken into consideration (and associated weight) can also be provided. In such a manner, the service provider (or third party) can selectively further modify the cost of insurance, which can be communicated to the user though the vehicle display or through other means. he service provider (or third party) might be provided the change information less often than the insurance cost change information is provided to the user. For example, the user can be provided the insurance cost change information dynamically and almost instantaneously with detection of one or more parameters that can influence the insurance cost. However, the insurance provider (or third party) might only be notified of the change after a specified interval (or based on other intervals). For example, insurance cost changes might be accumulated over a period of time (e.g., two weeks) and an average of the insurance cost changes might be supplied to insurance provider. In such a manner, the user has time to adjust parameters that tend to increase (or decrease) the cost of insurance, which allows the user to have more control over the cost of insurance. n an embodiment, vertical market specialization for insurance is provided where markets are defined based on granular aspects of coverage and presented to one or more insurance subsystems to obtain quotes for a coverage premium. Such specialization allows insurance companies to compete in more specific areas of insurance coverage, which allows for more accurate premium rates focused on the specific areas or one or more related scenarios. In addition, the granular aspects of coverage can be provided to one or more advertising systems in exchange for further lowered rates, if desired. According to an example, an insurance market can be defined based on granular information received regarding an item, a related person, use of the item, etc. Based on the market, premium quotes can be obtained from one or more insurance subsystems related to one or more insurance brokers. In addition, rates can be decreased where the granular information can be provided to an advertising system, in one example. In this regard, targeted advertisements can additionally be presented to system related to requesting the insurance coverage. Policies can be automatically selected based on preferences, manually selected using an interface, and/or the like.

While smart car rental micro insurance is discussed, the micro insurance system can be used for many IOT systems. The system can be used for Smart Property. A tangible or intangible property, such as cars, houses, or cookers, on the one hand, or patents, property titles, or company shares, on the other, can have smart technology embedded in them. Such registration can be stored on the ledger along with contractual details of others who are allowed ownership in this property. Smart keys can be used to facilitate access to the permitted party. The ledger stores and allows the exchange of these smart keys once the contract is verified. The decentralized ledger also becomes a system for recording and managing property rights as well as enabling the smart contracts to be duplicated if records or the smart key is lost. Making property smart decreases risks of running into fraud, mediation fees, and questionable business situations. At the same time, it increases trust and efficiency.

Other uses of the system include: Software licenses, so that when a piece of software starts on a host machine, the software requests the CMS for a valid contract; Television licenses; Car, home and other insurance; Mortgages; Product Guarantees; Payment Receipts; Pay-per view and television access tokens; Internet downloaded music playback licenses; Road tolls payment tokens; any task that requires positive verification such as commands issued between mission-critical systems; or distributed device architectures (e.g. JINI) that require inter-device validation and authorization. The process not only cuts down on fraud, such as double spending or spams, but also transfers funds simply, safely, and fast.

The blockchain allows stranger to loan money and taking the smart property as collateral. No need to show the lender credit or work history. There is no need to manually process the numerous documents. The property's encoded on the blockchain for all to see. The system works with smart property and the key is easily transferred or copied. The blockchain ledger solves this problem by allowing blockchain miners to replace and replicate a lost protocol.

The system enables Blockchain Internet-of-Things (IoT) commerce. For example, an autonomous robot can order electricity or supplies. In one example, the robot as an energy buyer can send an energy supplier a transaction and which Energy seller later uses to spend that transaction. The energy buyer spends satoshis to a typical Bitcoin address, and then lets Energy seller further spend those satoshis using a simple cryptographic key pair. Energy seller can first generate a private/public key pair before Energy buyer can create the first transaction. Bitcoin uses the Elliptic Curve Digital Signature Algorithm (ECDSA) with the secp256k1 curve; secp256k1 private keys are 256 bits of random data. A copy of that data is deterministically transformed into an secp256k1 public key. Because the transformation can be reliably repeated later, the public key does not need to be stored. The public key (pubkey) is then cryptographically hashed. This pubkey hash can also be reliably repeated later, so it also does not need to be stored. The hash shortens and obfuscates the public key, making manual transcription easier and providing security against unanticipated problems which might allow reconstruction of private keys from public key data at some later point.

Energy seller provides the pubkey hash to Energy buyer. Pubkey hashes are almost always sent encoded as Bitcoin addresses, which are base58-encoded strings containing an address version number, the hash, and an error-detection checksum to catch typos. The address can be transmitted through any medium, including one-way mediums which prevent the spender from communicating with the receiver, and it can be further encoded into another format, such as a QR code containing a bitcoin: URI. Once Energy buyer has the address and decodes it back into a standard hash, she can create the first transaction. She creates a standard P2PKH transaction output containing instructions which allow anyone to spend that output if they can prove they control the private key corresponding to Energy seller's hashed public key. These instructions are called the pubkey script or scriptPubKey. Energy buyer broadcasts the transaction and it is added to the block chain. Energy seller's wallet software displays it as a spendable balance. When, some time later, Energy seller decides to spend the balance, he must create an input which references the transaction Energy buyer created by its hash, called a Transaction Identifier (txid), and the specific output she used by its index number (output index). He must then create a signature script—a collection of data parameters which satisfy the conditions Energy buyer placed in the previous output's pubkey script. Signature scripts are also called scriptSigs.

Pubkey scripts and signature scripts combine secp256k1 pubkeys and signatures with conditional logic, creating a programmable authorization mechanism.

For a P2PKH-style output, Energy seller's signature script will contain the following two pieces of data:

His full (unhashed) public key, so the pubkey script can check that it hashes to the same value as the pubkey hash provided by Energy buyer.

A secp256k1 signature made by using the ECDSA cryptographic formula to combine certain transaction data (described below) with Energy seller's private key. This lets the pubkey script verify that Energy seller owns the private key which created the public key.

Energy seller's secp256k1 signature doesn't just prove Energy seller controls his private key; it also makes the non-signature-script parts of his transaction tamper-proof so Energy seller can safely broadcast them over the peer-to-peer network. The data Energy seller signs includes the txid and output index of the previous transaction, the previous output's pubkey script, the pubkey script Energy seller creates which will let the next recipient spend this transaction's output, and the amount of satoshis to spend to the next recipient. In essence, the entire transaction is signed except for any signature scripts, which hold the full public keys and secp256k1 signatures. After putting his signature and public key in the signature script, Energy seller broadcasts the transaction to blockchain miners through the peer-to-peer network. Each peer and miner independently validates the transaction before broadcasting it further or attempting to include it in a new block of transactions.

Another embodiment works with Ethereum which is a platform that allows people to easily write decentralized applications (Dapps) using blockchain. A decentralized application is an application which serves some specific purpose to its users, but which has the important property that the application itself does not depend on any specific party existing. The Ethereum blockchain can be alternately described as a blockchain with a built-in programming language, or as a consensus-based globally executed virtual machine. The part of the protocol that actually handles internal state and computation is referred to as the Ethereum Virtual Machine (EVM). From a practical standpoint, the EVM can be thought of as a large decentralized computer containing millions of objects, called “accounts”, which have the ability to maintain an internal database, execute code and talk to each other.

In one embodiment, the blockchain uses a database called a Patricia tree (or “trie”) to store all accounts; this is essentially a specialized kind of Merkle tree that acts as a generic key/value store. Like a standard Merkle tree, a Patricia tree has a “root hash” that can be used to refer to the entire tree, and the contents of the tree cannot be modified without changing the root hash. For each account, the tree stores a 4-tuple containing [account_nonce, ether_balance, code_hash, storage_root], where account_nonce is the number of transactions sent from the account (kept to prevent replay attacks), ether_balance is the balance of the account, code_hash the hash of the code if the account is a contract and “ ” otherwise, and storage_root is the root of yet another Patricia tree which stores the storage data. Unlike Bitcoin, Ethereum blocks contain a copy of both the transaction list and the most recent state. Aside from that, two other values, the block number and the difficulty, are also stored in the block. The basic block validation algorithm in Ethereum is as follows:

Check if the previous block referenced exists and is valid.

Check that the timestamp of the block is greater than that of the referenced previous block and less than 15 minutes into the future

Check that the block number, difficulty, transaction root, uncle root and gas limit (various low-level Ethereum-specific concepts) are valid.

Check that the proof of work on the block is valid.

Let S[0] be the state at the end of the previous block.

Let TX be the block's transaction list, with n transactions. For all i in 0 . . . n−1, set S[i+1]=APPLY(S[i],TX[i]). If any application returns an error, or if the total gas consumed in the block up until this point exceeds the GASLIMIT, return an error.

Let S_FINAL be S[n], but adding the block reward paid to the miner.

Check if the Merkle tree root of the state S_FINAL is equal to the final state root provided in the block header. If it is, the block is valid; otherwise, it is not valid.

There are two types of accounts:

Externally owned account (EOAs): an account controlled by a private key, and if you own the private key associated with the EOA you have the ability to send ether and messages from it.

Contract: an account that has its own code, and is controlled by code.

When a user sends a transaction, if the destination of the transaction is another EOA, then the transaction may transfer some ether but otherwise does nothing. However, if the destination is a contract, then the contract in turn activates, and automatically runs its code. The code has the ability to read/write to its own internal storage (a database mapping 32-byte keys to 32-byte values), read the storage of the received message, and send messages to other contracts, triggering their execution in turn. Once execution stops, and all sub-executions triggered by a message sent by a contract stop (this all happens in a deterministic and synchronous order, ie. a sub-call completes fully before the parent call goes any further), the execution environment halts once again, until woken by the next transaction.

The distributed ledger or block chain can be used for anonymous energy data analysis and benchmarking, smart grid management, green certificate trading, energy trade validation, and energy arbitrage among microgrids and main grid.

Smart contracts can be embedded with an if-this-then-that (IFTTT) code, which gives them self-execution. In real life, an intermediary ensures that all parties follow through on terms. The blockchain not only waives the need for third parties, but also ensures that all ledger participants know the contract details and that contractual terms implement automatically once conditions are met.

Personal health records can be encoded and stored on the blockchain with a private key which would grant access only to specific individuals and compliant with HIPAA laws (in a secure and confidential way). Only authorized patients can open and consume prescription drugs. Receipts of surgeries can be stored on a blockchain and automatically sent to insurance providers as proof-of-delivery. The ledger, too, can be used for general health care management, such as supervising drugs, regulation compliance, testing results, and managing healthcare supplies.

The system provides solution in the music industry include ownership rights, royalty distribution, and transparency. The digital music industry focuses on monetizing productions, while ownership rights are often overlooked. The blockchain and smart contracts technology can circuit this problem by creating a comprehensive and accurate decentralized database of music rights. At the same time, the ledger and provide transparent transmission of artist royalties and real time distributions to all involved with the labels. Players would be paid with digital currency according to the specified terms of the contract. The payment for derivative work is automated, and using executable codes, variations of the music or content can be generated for consumption based on payment modes.

In one embodiment, an IOT data producer with desirable data advertises on the blockchain the type of data available and price. To enable this, the producer posts the dataset, or at minimum a description of the dataset to a searchable data store discoverable via a web search or by common active marketing activities, such as feeds to targeted potential data buyers, advertisements, and so forth. An IOT buyer finds the data producer and accepts the terms of the smart contract where the data items, the kinds of changes to data items, the scheduling of transmissions upon changes, and other operational choices are made and agreed to. The data producer and data buyer agree to fees and prices and payment terms for the originating dataset itself as well as for the changes to values of data items to be posted to the block chain infrastructure by the data producer. Micropayments, digital and hard currency transactions, and other payment or reward methods for the dataset and the changes in values of data items are communicated using the smart contract. The buyer is notified of pending transmission and consequent transactions can continue until terminated according to the smart contract. The computer readable code on the device of the data buyer uses the encrypted key with the data value changes in the producer stream and posts them into the relevant data table of the data buyer and the device of the data buyer initiates or triggers server actions and events upon confirmation of changes to data values for the data buyer.

FIG. 14C-14G shows exemplary smart insurance systems for dynamically adjusting costs of insurance or rental of IOT devices, but the system can be applied to dynamically adjusting healthcare insurance cost based on the user behavior. In one embodiment for car insurance, the system includes the following:

-   -   1. A method for pricing insurance based on driver behavior, the         method comprising:         -   mounting at least one camera and one or more sensors to             detect acceleration, speed, and positioning data in a             vehicle;         -   monitoring at least one parameter associated with a driver             behavior while the vehicle is being driven;         -   transmitting the at least one parameter associated with the             deriver to at least one server over a communication network;         -   adjusting insurance rate for the driver based on the at             least one parameter associated with the driver behavior.     -   2. The method of claim 1, wherein the method further comprises         providing feedback to the driver based on the at least one         parameter associated with the driver behavior.     -   3. The method of claim 1, wherein monitoring at least one         parameter associated with the deriver behavior further         comprises: monitoring driver behavior data from an on-board         vehicle diagnostic system.     -   4. The method of claim 3, wherein the driver behavior data         comprise parameters at least one of: vehicle speed, vehicle         accelerations, vehicle location, seatbelt use, wireless device         use, turn signal use, detection of ethanol vapor, driver seating         position, and time.     -   5. The method of claim 1, wherein the on-board vehicle         diagnostic system comprises sensors, cameras, gyroscope, and         magnetometer.     -   6. The method of claim 1, wherein the method further comprises         providing feedback to the driver based on the at least one         parameter associated with the driver behavior.     -   7. The method of claim 1, wherein the method further comprises         matching the at least one behavior parameter of the driver with         similar behavior parameters of a plurality of drivers.     -   8. The method of claim 7, wherein the method further comprises         providing recommendations to based on best matching behavior         parameters.     -   9. The method of claim 1, wherein the method further comprises         mounting the at least one camera in the vehicle to capture at         least one view of traffic.     -   10. The method of claim 1, wherein the method further comprises         using image processing techniques to detect objects captured by         the at least one camera.     -   11. The method of claim 1, wherein the method further comprises         mounting the at least one camera in the vehicle to monitor         driver behavior.     -   12. The method of claim 1, wherein the method further comprises         using voice recognition techniques to detect the driver speech.

In another embodiment for IOT short term insurance, the system includes the following:

-   -   1. A method for pricing insurance for rental of an IOT device,         the method comprising:         -   mounting at least one camera and one or more sensors to             detect acceleration, speed, or positioning data in the IOT             device;         -   monitoring at least one parameter associated with a renter             having a behavior with the IOT device;         -   transmitting the at least one parameter associated with the             deriver to at least one server over a communication network;         -   adjusting insurance rate for the renter based on the at             least one parameter; and         -   updating a smart contract with rental terms and conditions             and insurance rate.

Other terms of the smart contract can vary. The size of the rental can impact the price the renter pays. For an IOT car, terms like “compact,” “mid-size,” and “luxury” can vary across rental car companies. To illustrate car sizes, companies usually provide car models or suggest how many passengers the car seats safely. If the rental plans are flexible, the renter may be able to rent a car when price breaks are available. Try searching for specials geared to the length of time the renter needs the vehicle. The smart contract can specify particular minimum driving records when customers arrive at the counter, and reject those whose records don't meet company standards. Renters may be rejected if they have recent reckless driving, seat belt law violations, accidents, leaving the scene of an accident, convictions for Driving While Intoxicated (DWI) or Driving Under the Influence (DUI), driving with an invalid, suspended, or revoked license. Other items can include Taxes, Early or Late Return Fees, Airport Surcharges, Fuel Charges, Mileage Fees, Roadside Assistance Fees, Out-of-State Charges, Drop-Off Fees, Equipment-Rental Fees, Additional-Driver Fees, Underage-Driver Fees, for example.

FIG. 14D shows a process to collect user behavior using the IOT device, and dynamically determines insurance risk rate and outputs the rate change in response to user behavior as the behaviors occur.

FIG. 14E shows an exemplary process to collect user behavior using the IOT device, and based on population data, determines behavioral changes that reduce the risk rate and informs the user on savings if the user changes the behavior and rewards the user as the behaviors occur.

FIG. 14F shows a system that collects user behavior using the IOT device over the blockchain entries for authentication, and dynamically determines risk rate for either insurance or rent pricing, and outputs the rate change in response to user behavior as the behaviors occur.

FIG. 14G shows an exemplary system where IOT devices such as robots or smart cars communicate securely with each other using blockchain for authenticating messages.

FIG. 14H illustrates a system 400 for generating future contracted product offerings according to an embodiment. System 400 comprises a market parameter generator 408 coupled for real-time monitoring of data related to a future contracted product market 410. Real-time market data refers to data reflecting current market conditions as trading in the market takes place. Examples of real-time market data provided to real-time market parameter generator 108 include wholesale over-the-counter future contracted product options market data, wholesale future contracted product options over-the-counter forward market and futures market data, and spot prices for retail future contracted product as well as spot prices for wholesale future contracted product. In an alternative embodiment, a market parameter generator may be configured to periodically and/or intermittently query current values for market parameters. Exemplary products include farm products, electricity products, energy products, commodities, among others. Such products or commodities can be traded using the smart contact and the system 400.

A market history analyzer 415 is coupled to receive and/or record observable real-time market data and/or historical records of market data related to market 110. The market history analyzer may record and store observed market data and/or historical market data accumulated historically and received by the market history analyzer. In that manner, market history analyzer 115 develops data related to the historical performance of the market. In one embodiment of the Future contracted product Offering Generator, market data includes retail electricity spot prices and wholesale electricity spot prices.

A product matrix generator 425 is coupled to the market parameter generator 108 and to the market history analyzer 415. Product matrix generator 425 is configured to the behavior of market 110. Product matrix generator 425 operates on the parameters it receives from real-time market parameter generator 408 and market history analyzer 415 in accordance with a stochastic model of the dynamics of the market 410. In one implementation, the product matrix generator 425 may consider some of the market variables and/or other input parameters. Product matrix generator 425 may solve a stochastic differential equation to provide a commodity volatility model based on the input parameters.

In one embodiment, the matrix generator 425 is configured to solve stochastic differential equations for market models using parameters provided by real-time market parameter generator 108 and market history analyzer 415. Among other parameters provided by real-time market parameter generator 108 and market history analyzer 415, parameters reflecting retail future contracted product sales activity may be collected and provided to real-time market parameter generator 408 and market history analyzer 415 in embodiments of the Future contracted product Offering Generator.

For example, in one embodiment of the Future contracted product Offering Generator, the matrix generator 425 is configured to process spot price spread information provided by real-time market parameter generator 408. The spot price spread information is related to a difference between a retail future contracted product spot price and a wholesale future contracted product spot price. Matrix generator 425 processes the spot price spread information in accordance with a stochastic model. In embodiments of the Future contracted product Offering Generator, the matrix generator 425 is further configured to process retail future contracted product forward curve parameters in accordance with a stochastic model. The retail forward curve parameters may be provided by the market history analyzer 415. In another embodiment of the Future contracted product Offering Generator, the matrix generator 425 may further solve alternative market models that are adapted and/or deemed suitable for use in embodiments of the Future contracted product Offering Generator.

In one embodiment of the Future contracted product Offering Generator, the matrix generator 425 receives market parameters from real-time market parameter generator 108 and from market history analyzer 415. Product matrix generator 425 processes and analyzes the information to provide a solution for the adapted stochastic differential equation (SDE). Product matrix generator 425 may be coupled to price information generator 430 and configured to provide the solution thereto. Based upon the solution it receives from product matrix generator 125, price information generator 430 may provide data representing a product price at an output in one implementation. In an embodiment of the Future contracted product Offering Generator, the price information generator 430 may also provide data representing price sensitivity at an output. In one implementation, the price sensitivity may indicate price sensitivity not only with respect to wholesale future contracted product markets but also with respect to retail future contracted product prices, and/or with respect to other input variables received from real-time market parameter generator 408, market history analyzer 405, and/or product modeler 420.

In one embodiment, the system 400 further comprises a product modeler 120. Product modeler 120 is coupled to at least one computer system 402. In some embodiments of the Future contracted product Offering Generator, the product modeler 120 is coupled to two electronic agents or robots 402 and 404. In embodiments of the Future contracted product Offering Generator at least one of computer agent or robot 402 and 404 comprises a future contracted product offering Purchaser computer. In some embodiments, the future contracted product offering Purchaser computer may be coupled to product modeler 420 via a communications network, such as the Internet. A future contracted product purchaser may enter information related to a future contracted product, such as a future contracted product offering, using the future contracted product offering Purchaser computer. The future contracted product offering Purchaser computer transmits the information to product modeler 420. In one implementation, the product modeler 420 may use the information from the future contracted product offering Purchaser to determine features of a financial product to be modeled by product modeler 420.

In one embodiment, the Future contracted product Offering Generator 400 comprises at least one Distributor computer system 404. Distributor computer system 404 is coupled to product modeler 420 and may enable a Distributor to define characteristics of a financial product comprising future contracted product offerings to be offered to a consumer. In that embodiment a Distributor inputs data to Distributor computer 404. Distributor computer 404 provides the data to product modeler 420. Product modeler 420 models the financial product in accordance with the characteristics provided by Distributor computer system 404.

Product modeler 420 is coupled to product matrix generator 425. Based upon inputs from at least one of a future contracted product purchaser computer or smart agent 402 and a Distributor computer or smart agent 404 product modeler 420 generates data representing features of a financial product. System 400 determines the price of the financial product based upon product data provided by product modeler 420, real-time market parameters provided by real-time market parameter generator and on historical market data provided by market history analyzer 415.

In one embodiment of the Future contracted product Offering Generator, the matrix generator 425 is coupled to a consumer behavior modeler 470. Consumer behavior modeler 470 receives data representing Purchaser (e.g., consumer) behavior with respect to future contracted product offering execution and/or purchase, ownership, exercising, and/or the like. Based upon the behavior data consumer behavior modeler 470 provides Purchaser and/or consumer behavior parameters to matrix generator 425. In that embodiment, matrix generator 425 considers the Purchaser and/or consumer behavior in calculating price for a financial product.

In one implementation of the Future contracted product Offering Generator, a future contracted product offering comprises a product related to future purchases of future contracted product in a retail future contracted product market. Both the retail and the wholesale future contracted product markets are observed. Observable wholesale future contracted product market parameters include wholesale future contracted product over-the-counter (OTC) options information, wholesale product over-the-counter (OTC) forward market data in a wholesale future contracted product market. Future contracted product market data including retail future contracted product spot price information is obtained. Market parameters related to current market conditions are generated based on the observed future contracted product market condition 411. At least one generated market parameter related to current market conditions is wholesale-retail spot price spread in one implementation. Other generated market parameters may include a wholesale implied volatility and a wholesale forward curve. In one embodiment, parameters related to current market conditions are sampled and stored to provide historical data describing past market behavior 413. One sampled and stored parameter used in one implementation to provide historical data is retail future contracted product market spot price. Thus historical data related to retail future contracted product spot price is acquired. Historical data, such as data related to retail future contracted product spot price, may be analyzed 419. The analysis may, in one implementation, consider retail future contracted product market information. The data is used to estimate parameters of models for future contracted product market behavior 421. Examples of generated future contracted product market behavior parameters may include retail implied volatility, wholesale mean reversion, retail forward curve and retail mean reversion. The indicators of future contracted product market behavior and the parameters related to current market conditions are analyzed 423. In one embodiment of the Future contracted product Offering Generator, the analyzing step is carried out by stochastic modeling. Price information for the future contracted product offering is generated 443. In one embodiment of the Future contracted product Offering Generator, price sensitivity information related to the future contracted product offering is generated 444. In further embodiments of the invention Purchaser and/or consumer behavior may be observed 441. Data related to Purchaser and/or consumer behavior is obtained based on the observations. In one embodiment of the invention Purchaser and/or consumer behavior data is analyzed 442 as considered in an analyzing step 423 as a factor in generating price information 443.

A buyer agent can now electronically enter into a smart contract with the price generator. In one implementation, a Contract Provider Agent executing the system 400 may price offerings, make them available to a Purchaser market, execute Purchaser offering purchases, and honor Purchaser offering exercises. In another implementation, the Provider may price offerings and make them available to an intermediary Distributor entity, who may provide them to a Purchaser market and interface with Purchasers for offer purchases and exercises. The contracts between the provider agent and the buyer agents (and the distributor agents such as the agents handling trip planning and delivery, for example) use the smart contract discussed above. A future contracted product offering may include specific details regarding the terms and conditions such as product type, quantity, Strike Price, Duration or Tenor and Premium, along with blockchain identifiers (IDs) that uniquely link the contract to the parties. The contracts can be automatically executed by the agents as needed, thus distributing the decision making to the last possible moment with current condition and optimizing cost/benefits.

In an effort to offset, mitigate, and/or eliminate some amount of risk associated with the sale of offerings, the Provider may elect to select, purchase, and/or manage a portfolio of hedging instruments. A Provider devised hedging portfolio may be comprised of a variety of different types of holdings in various implementations that may include but are not limited to equities, debts, derivatives, synthetics, notes, stocks, preferred shares, bonds, debentures, options, futures, swaps, rights, warrants, commodities, currencies, long and/or short positions, ETFs, and/or other assets or investment interests. In one implementation, a Provider devised hedging portfolio may be comprised of forward contracts and/or futures of exchange or over-the-counter (OTC) traded wholesale future contracted product options, product options, and/or the like. Sensitivity data provides information describing the degree to which a particular input variable (e.g., a market parameter) affects the strike price and/or premium of an offering. Counteracting the risk associated with an offering may, therefore, be accomplished by seeking instruments whose sensitivity to input variables is similar in magnitude but opposite in direction to offering sensitivities. Observed offering execution and exercise practices and/or trends of Purchasers may further affect Provider hedging strategies and/or practices. For example, an observation of sub-optimal exercise of offerings by Purchasers may indicate to a Provider that a smaller purchase of hedging instruments will suffice to offset the risk associated with the offerings. In the extreme case, wherein the offerings are never exercised under any circumstances, the Provider would have no need for hedging instruments at all.

The Purchaser may be an electronic agent or entity who desires to purchase future contracted product offering to mitigate future contracted product costs over some period of time. In accordance with this goal, a number of future contracted product offerings may be made available for purchase by the Distributor agent, among others.

In one example, an agent or machine acting as a Product Purchaser purchases a future contracted product offering with a particular strike price for certain future contracted product volume (N) using the smart contract with a blockchain ID. At some point subsequent to the purchase of the future contracted product offering, the Purchaser may decide to purchase X amount of future contracted product. In so doing, the Purchaser may elect to exercise the offering on the future contracted product purchase of X, generally depending upon the market price of future contracted product at the time of purchase. In the case where the cost of future contracted product is less than the strike price, it does not make economic sense for the Purchaser agent/machine to exercise the offering, for reasons described above, and in such a situation, the Purchaser may simply enter into a smart contract to purchase the product at the market price. Alternatively, in the case where the cost of future contracted product is greater than the strike price, particularly where the cost of future contracted product is greater than the strike price+premium, it may make economic sense to exercise the future contracted product offering, though the Purchaser may not necessarily exercise the future contracted product offering (e.g., if the Purchaser expects the cost of future contracted product to be even higher the next day). In some embodiments, the future contracted product offering may be automatically exercised whenever the cost of future contracted product is greater than the strike, or alternatively, the strike+premium. In another embodiment, the future contracted product offering is not exercised automatically. If the Purchaser decides to exercise the future contracted product offering, the Purchaser profile (e.g., a data file that includes information regard the Purchaser's future contracted product offering(s)) or like information source regarding the future contracted product offering may be queried using the blockchain ID to determine the unused future contracted product volume (R) remaining for the future contracted product offering. A determination is then made as to whether the remaining volume (R) is equal to or greater than purchase volume (X). If not, then the Purchaser enters into another agreement for the full purchase at market rate. In another embodiment the Purchaser may be able to exercise the future contracted product offering for a partial amount of the full purchase (i.e., for the remaining volume). Otherwise, a determination is made regarding whether the prevailing product price (or other price, such as the national average price, as indicated by the implementation) is greater than the strike price. If so, the Purchaser's account is credited with the difference (D) between the strike price and the pump price, multiplied by the amount purchased. Otherwise, in the case where the prevailing pump price is determined to be less than the strike price, the Purchaser pays the prevailing pump price.

The blockchain can facilitate self-organization by providing a self-management platform for companies, NGOs, foundations, government agencies, academics, and individual citizens. Parties can interact and exchange information on a global and transparent scale—think of Google Cloud, but larger and less risky. Smart contracts can ensure that electorates can be elected by the people for the people so that government is what it's meant to be. The contracts specify the electorate's expectations and electors will get paid only once they do what the electorate demanded rather than what funders desired.

The system provides smart Blockchain Identity. The passport is stored on the ledger, given a Bitcoin address with a public IP, and confirmed by Blockchain users. The blockchain can make record-keeping more reliable by encrypting birth and death certification and empowering citizens to access this crucial information. The passport or personal ID can have smart agents execute tasks that are secure, traceable and anonymous.

One embodiment includes a reference to a physical government ID or a physically signed contract in the smart contract, and vice versa, as follows:

(a) deploy the smart contract in question, record its address on the blockchain, and include that address in the real contract

(b) hash the corresponding real-world contract, record its hash digest, store the real contract in a safe space,

(c) send a transaction to the smart contract that includes the real contract's hash in its metadata; the contract then stores that piece of information in its own, internal database. In this manner, the system can prove the link between the actions on the blockchain and the expected outcome in the physical world

An IoT manufacturer deploys a smart contract that allows IoT devices to store the hash of the latest firmware update on the network. The devices either ship with the smart contract's address hard coded into the blockchain client, or the devices find out about it via a discovery service. The devices can then query the contract, find out about the new firmware, and request it by its hash via a distributed peer-to-peer filesystem such as IPFS. Assuming the devices are configured so as to share the binary they got, a device that joins the network long after the manufacturer has stopped participating in it, can still retrieve the firmware update and be assured that it is the right file. This all happens automatically, without any user interaction.

In another example, a blockchain network where cryptocurrency is exchanged provides a convenient billing layer and paves the way for a marketplace of services between devices. In the example above, devices that store a copy of the binary may charge for serving it, in order to sustain their infrastructure costs (or simply to make a profit). Devices can “rent their disk space”. API calls are monetized where the caller needs to provide the necessary micropayment (in Bitcoin or Ethereum respectively) before requesting them. With a cryptocurrency in place, every device can have its own bank account on the Internet; it can then expose its resources to other devices (or users) and get compensated for their usage via microtransactions. This also facilitates the sharing of services and property in general.

Smart electronic locks can be unlocked with a device that carries the appropriate token. These tokens are bought on the Ethereum blockchain, a public blockchain network optimized for smart contracts that uses its own cryptocurrency, called Ether. The owner of a smart lock that wishes to rent their house or car sets a price for timed access to that electronic door lock. An interested party can use a mobile app to identify the lock, pay the requested amount in Ethers, then communicate with the lock via a properly signed message to unlock it. Billing is simplified by having all the locks operating on the same blockchain.

In block diagrams, illustrated components are depicted as discrete functional blocks, but embodiments are not limited to systems in which the functionality described herein is organized as illustrated. The functionality provided by each of the components may be provided by software or hardware modules that are differently organized than is presently depicted, for example such software or hardware may be intermingled, conjoined, replicated, broken up, distributed (e.g. within a data center or geographically), or otherwise differently organized. The functionality described herein may be provided by one or more processors of one or more computers executing code stored on a tangible, non-transitory, machine readable medium. In some cases, third party content delivery networks may host some or all of the information conveyed over networks, in which case, to the extent information (e.g., content) is said to be supplied or otherwise provided, the information may be provided by sending instructions to retrieve that information from a content delivery network.

In one embodiment, a computer system includes:

-   -   a smart contract with computer-readable program code executable         by a processing circuit for:     -   embedding key data in each term of the smart contract, the key         data being associated with a blockchain identification and         usable to conduct a transaction a, wherein a record of the         transaction becomes visible in a transaction ledger;     -   monitoring the transaction ledger to determine whether a         transaction against the blockchain identification has occurred;     -   applying a contract expert module to interpret contract terms;         and     -   enforcing the smart contract at the machine level if no dispute         and otherwise enforcing the smart contract by court, arbitration         or administrative agency using a contract management system         (CMS).

Implementations can include one or more of the following:

-   -   holding a store of value at a bank or escrow to pay for         completion of contract terms.     -   verifying completion of contractual terms using a third party         computer agent.     -   owners of IoT devices and sensors share generated IoT data in         exchange for real-time micropayments.     -   producing energy produced by IoT energy harvester generates         cryptocurrency value registered on the blockchain.     -   placing a Bill of Lading on a blockchain and terms of the         shipping contract are executed in code based on real-time data         provided from IoT devices (Smart Agents) accompanying shipping         containers.     -   blockchain in auto supply chains.     -   providing real-time information from sensor data from various         vehicle parts are integrated with blockchain to make real-time         decisions and transactions involving services and payments.     -   recording environmental conditions during the shipment of one or         more products and during a change of ownership, checking         collected data against each product's corresponding smart         contract in the Ethereum blockchain.     -   performing contract negotiations among IOT devices.     -   a first IOT device managing a cost of the device, wherein the         IOT device negotiates power reduction or power from another IOT         device to optimize the cost.     -   placing a resupply or maintenance request with device location.     -   using blockchain-enabled smart contracts to ensure that the         appropriate parties are notified of noncompliant events and         automatically enforce privacy regulations; rules embedded via         smart contracts dictate what they can see and when. Moreover, as         data and transactions are shifted or linked to blockchains,         organizations can track who has shared data and with whom,         without revealing the data itself.     -   recording a lifecycle of a product by storing manufacturing,         diagnostic and maintenance and end-of-life data on a blockchain.     -   lending an item with lending terms in the smart contract.     -   receiving a request for lending an item; generating as contract         terms an owner identifier that has the right to use and lend the         item, an identifier of the item, and the lendable number of         times of the item; a borrower identifier specified by the owner,         and a lending period matching the borrower identifier; and         unlocking the item for use during the lending period according         to contract terms.         -   a. for record keeping: providing an irreversible, secure,             time-stamped record of the creation of IP;         -   b. to register and clear IP rights;         -   c. to control and track the distribution of (un-)registered             IP rights;         -   d. to provide evidence of first use in commerce/trade and/or             (genuine) use of a trade mark;         -   e. to establish and enforce IP contracts, licences etc             through smart contracts;         -   f. to transmit payments in real-time to IP owners;         -   g. for authentication: detection of counterfeit or fake             goods;         -   h. provenance: detection and retrieval of stolen goods;         -   i. detection of grey or parallel imported goods; and         -   j. enforcement of exclusive distribution networks.

In another scenario, a user may wish to borrow money for the purpose of buying a product or good in a social network. The blockchain ID of the product can be recorded with the financing transaction showing that the funder paid for the good but ownership is with the borrower, effecting a lien to each lender that is extinguished only by full payment or consent of the lender; and upon full payment to lenders, a smart contract indicates in each lending blockchain entry that the debt has been paid off and the lien on the good or product is extinguished so that the buyer can resell the good/product if desired.

A recommendation may be provided to the user automatically upon finishing the item (e.g., after reading an entire eBook) to lend his or her item to another user in the social network. The system that generates the recommendations may be configured to recommend lending to users based on distance or reputation in the social network or to users with high lending metrics more so than other users.

In another scenario, the user may have items to lend and may also wish to borrow non-monetary items. A loan-matching infrastructure may identify another user with complementary lendable items and borrowing desires. The loan matching may additionally function as a mechanism for introducing users that are in the same social network but not yet connected to one another in that social network, or it may serve to strengthen the relationship between users who are already connected.

As a further scenario, the architecture may enable a user with a lendable item to broadcast and/or narrowcast the availability of the item to just friends or to many other users. One of multiple users that respond to the broadcast/narrowcast may be selected based on speed of response, lending metric, social network relationship, and the like. For items that are able to be lent only a limited number of times, this technique of soliciting many responses may assist the user in deciding which user or users are allowed to borrow the item.

The process for establishing and/or managing a group of members in a rotating credit association (RCA) is as follows in one implementation:

Organizer joins a social network (152) Organizer applies to create a Lending Group (154) System authenticates the Organizer and determines how much the Lending Group can lend based on Organizer's social connection and other indicia of financial trustworthiness (156) Organizer determines group size, total amount disbursed for a period, and amount each member is expected to contribute for each period (158) Organizer identifies potential members and System authenticates each potential member based on the member's social connection and other indicia of financial trustworthiness (160) Organizer invites selected members to join the Group (162) System collects payments from members of the Group with blockchain smart contract (164) Based on terms of the smart contract, system selects a member who will receive the current Group payment, distributes periodic award to member, and removes member from future award for the rest of the year (166) System flags members who don't pay or fail to meet the terms of the agreement and shows such status to the member's friends (168)

The systems and methodologies for self-financing, and rotating credit associations incorporating or implementing these systems and methodologies, have been provided herein that offer an attractive alternative to conventional consumer credit and savings systems for persons, such as immigrants and minorities, who may have nontraditional credit histories or who are otherwise disadvantaged in the underwriting processes attendant to most consumer loans. The systems and methodologies, which feature rotating credit associations in which the members are trustworthy due to their social network links, and backed up when the number of group members making payments to a common fund is greater than the number of time intervals (typically months) or dates over which awards are made from the common fund, and further buttressed by insurance, can tolerate a high percentage of defaults or membership cancellations by its participants without becoming insolvent.

One embodiment provides a pooled investment fund in accordance with certain embodiments of the present invention. In certain embodiments, the exemplary method may be executed in whole or part by the protocols included in the users' cryptographic wallets. A security fund is created by embedding one or more blocks on a blockchain ledger which at least include data associated with a base security document, a set of one or more security rules and ownership of the security fund. The base security document may represent a document that specifies the terms, conditions and other details related to the implementation and management of the security fund. The issuer may initially be designated as the owner of the security fund. The terms of the smart contract are defined and can include compliance rules with government security rules, system regulations and restrictions.

Exemplary information that may be embedded into the data tokens and blockchain ledger may include: Issuer Identification (ID), Investor ID, Product ID, Security Type Data, Regulatory and Restriction Data, Transaction History on previous purchasers and sellers that exchanged the security and/or any information relevant to any of the transactions involving the security, Share Amount, Investor Compliance Information on anti-money laundering laws, know your customer guidelines or other types of compliance regulations, etc., Investor Suitability, Beneficial Ownership.

Other relevant information may also be embedded into the data tokens, and that the embedded information may vary based on the type of security product. Any and all of the above data may also be embedded or included in entries that are added to the blockchain ledger. For example, data tokens and blockchain ledger may include embedded information that includes an executive summary, a comprehensive description for the security, base security documents related to the creation of the security, and other documentation. Alternatively, a link or cypher that is used to identify and/or access a location (e.g., via a network address associated with the platform) where this information can be retrieved.

The security or loan offering is then placed on the blockchain ledger, and broadcasted to prospective members. The members in turn review and invest by accepting the terms of the smart contracts and fund the investment. The blockchain is updated to reflect smart contracts execution by investors in connection with a security offering. The blocks that are appended to the blockchain ledger may be utilized to update the ownership status of the security fund and may specify investments made by the investors. The blocks may link back to one or more prior blocks on the ledger which are associated with the security fund. One or more corresponding data tokens may then be transferred to each of the investors.

The investments submitted by the investors may be pooled together to monetize the security offering. When the investors are submitting information in connection with the smart contract, the investors may place money or other currency in escrow to secure payment in connection with the investment. Once the contract is confirmed and the blockchain ledger is appended with a corresponding entry, the money or other currency may be transferred into the investment pool.

In one embodiment, the security offering can be used to invest in individual companies such as start-ups seeking crowd-funding. In this embodiment, the issuer ID is the startup name with ID linked to a secretary of state or a law firm.

In another embodiment, the security offering can be loan where borrowers seeking to borrow from the security fund. Purchases by the borrowers with the loan are also on the blockchain ledger and are linked to the pooled investment fund as security for the loan. Thus, loans for housing can be provided at a cheaper rate than loans for vacations, for example. The smart contracts may retrieve the security rules to configure themselves to implement any specified regulations and restrictions. The blocks appended to the blockchain ledger stores the borrowing amount of each borrower and identity of each borrower. The blocks may link back to one or more prior blocks on the blockchain ledger which are associated with the security fund. One or more corresponding data tokens may then be transferred to each of the investors to represent the borrowing debt associated with the portfolios that are maintained by their cryptographic wallets.

The system thus allows microloans to be funded and applied in a secure and automated low cost manner.

FIGS. 14I-14J show exemplary blockchain energy delivery system that can service IOT robots and households using smart contracts, among others. Renewable energy certificate provides accumulates, distributes, or otherwise sells “green tags”. The RECs, also known as green tags, renewable energy credits, or tradable renewable certificates (TRC's), are tradable environmental commodities that represent proof that one megawatt-hour (MWh) of electricity was generated from an eligible renewable energy resource. However, conventional system can't track the source of the RECs. One embodiment of the system uses power packet dispatching, as shown in FIG. 14I, where N power sources (identified using blockchains) supply the power to M loads based on the demand. The loads can pay the source with tokens or coins, and the payment can be contractual in nature. For example, the buyer can hedge its purchases by buying in advance from one or more sources. Similarly, the sources can sell energy in advance and the contract information can be included in the contract portion of Ethereum blockchain body in one embodiment. As shown in FIG. 14I, the mixer governs the order of power packets from power sources to transfer and the routers dispatch them to loads. The power line network fundamentally has tie and loop line connections. Before discussing the configuration and networking problems, it is significant to confirm the packet transfer through one power line from multiple sources to paralleled loads. Therefore, in the following discussions, N and M are set at the lowest number 2. It does not lose the generality to confirm the feasibility of packet transfer in the grid network. A power packet is a voltage wave, with a header, a payload with blockchain ID, and a footer. A header consists of a start signal and an address signal, a payload carries power, and a footer consists of an end signal as in FIG. 14J. Distribution from two power sources to two loads is performed by time division multiplexing (TDM). A mixer forms power packets by switching from a dc power source. The power packets are delivered from the mixer to a router through one transmission line. When the router receives power packets, they are sorted based on their blockchain information and sent to routers or objective loads.

Each energy supplier and consumer operates autonomously based on their local policy, algorithms and rules, initiating the power transfers appropriately. The energy is tagged with identification information stored in the blockchain including generation source, route of delivery, storage device (if any) and end user (energy consumer). When energy storage is used, the usual restriction that energy must be produced and consumed at the same time is relaxed. Storage enables flexible commercial trading so energy can be reserved for future use, and the time of delivery can be selected by the energy user. Energy flows are monitored by built-in metering devices and recorded together with reservation information, including time, seller, buyer, price, energy source, energy amount, among others. These records are in the distributed ledger or block chain and will be like a bankbook for ordinary financial transactions.

The body of the blockchain can incorporate several types of messages that the active grid elements (for example, an ALC manager) may receive from a coordinator and process accordingly. By way of example and not limitation, a security alert message, a priority message, a report trigger message, a status response message, a status update message, a power savings message, and combinations thereof. A security alert message originates from an optional security or safety monitoring system installed in the residence or business and coupled to the active grid element(s) (e.g., wirelessly or via a wired connection). When a security alert message is received by the Coordinator, it accesses the database to obtain routing information for determining where to send the alert, and then sends the alert as directed to those active grid elements affected or associated with the alert messaging. For example, the Coordinator may be programmed to send the alert or another message (e.g., IP-based message, an electronic mail message, a pre-recorded voice message, and combinations thereof) to a security monitoring service company and/or the owner of the residence or business.

Energy consumption patterns associated with active grid elements are subject to analysis that may be used for a variety of different types of activities. For example, based on the energy consumption patterns created from this data, the Coordinator will derive performance curves and/or data matrices for each service point to which the active grid elements are attached and determine the amount of energy reduction that can be realized from each active grid element and its functionality within the electric power grid. The Coordinator(s) create a list of service points associated with the active grid elements through which energy consumption can be reduced via demand side management, interruptible load, or spinning/regulation reserves. This information can be manipulated by the Coordinator and/or ALD processes to create a prioritized, rotational order of control, called “intelligent load rotation” which is described in detail below. This rotational shifting of the burden of the interruptible load has the practical effect of reducing and flattening the utility load curve while allowing the serving utility to effectively group its customers within the ALD or its own databases by energy efficiency.

Augmented Reality/Virtual Reality Sports Gaming

FIG. 15 shows an exemplary 360 degree camera on a helmet, for example, for augmenting reality of sport games. Using augmented reality, various ways may exist for a user to “participate” in a live event. Generally, augmented reality refers to a presentation of a real world environment augmented with computer-generated data (such as sound, video, graphics or other data). In some embodiments, augmented reality, implemented in conjunction with a live event, may allow a user to control a virtual object that appears to compete or otherwise interact with the participants of the live event. For example, an end user device, such as a mobile phone, tablet computer, laptop computer, or gaming console may be used to present a live video feed of an event to a user

FIG. 15A shows a multi-headed camera array 423 that may be at least part of a modular camera system, with each camera forming a module of the modular camera system. The camera array has a flexible structure so that it is easy to remove a particular camera module from the camera array and to add new camera modules to the camera array. The camera modules in the camera array may be configured in different geometries. For example, the camera array includes multiple camera modules arranged in a line, a cylinder, a sphere, or another geometry. Each camera module may be configured to point to a different direction so that the camera array may capture an object or a scene from multiple directions at the same time.

The camera system described herein may additionally include a set of algorithms for processing the video data captured by the camera array. The set of algorithms are stored on a non-transitory memory for converting the input across multiple camera modules into a single stream of 3D video (e.g., a single compressed stream of 3D video data). The set of algorithms may be implemented in one or more “modules”. For example, the set of algorithms includes color correction algorithms for smoothing and correcting colors in the video data. In another example, the set of algorithms may be implemented in software that stitches the video data from multiple cameras into two large-format, panoramic video streams for left and right eye viewing, and encodes and compresses the video using a standard MPEG format or other suitable encoding/compression format.

The camera array 423 may be constructed using various configurations. For example, the camera modules may be configured in different geometries (e.g., a sphere, a line, a cylinder, a cone, a cube, etc.) with the corresponding lenses 113 facing in different directions. For example, the camera modules are positioned within the camera array 423 in a honeycomb pattern where each of the compartments form an aperture where a camera module may be inserted. In another example, the camera array 423 includes multiple lenses along a horizontal axis and a smaller number of lenses on a vertical axis.

In some embodiments, the camera modules in the camera array 423 are oriented around a sphere in different directions with sufficient diameter and field-of-view to capture enough view disparity to render stereoscopic images. For the athlete/participant who wish to enhance their gaming via augmented or virtual reality, features may include the following: A method for using augmented reality, the method comprising: receiving, by a computerized device, a data stream with a 360 degree view of a live event on each participant, wherein the data stream comprises live video augmented with positions of team mates and opposing players and recommends a play routine based on live field condition and positions of other players, wherein the user can select a point of view from a selected participant.

FIG. 15 shows an exemplary recommender to aid an athlete in improving the game. For example, the process can recommend a strategy in light of the opponent's historical performance. In tennis, a player's historical weakness can be ascertained and a recommendation can be made to optimize success.

The data can be stored as part of a blockchain secured data distribution. Blockchain distribution can provide benefits in a heterogeneous device environment, facilitate ad hoc device synchronization, and embody a distributed patch and communications network. Devices can receive a blockchain block from another device and, in some embodiments, enable other devices to access the block from the device. In some embodiments, devices can discard irrelevant blocks, however, an entire blockchain can be reconstructed where partial blockchains can be received from more than one device. Additionally, checkpoint blocks can enable devices to navigate the blockchain efficiently by skipping over known irrelevant blocks.

To secure data distribution, the device's operation includes one or more of:

receiving a blockchain block comprising an identifier and a payload, wherein the identifier is associated with determining a relevancy of the payload to a device; and in response to determining that the identifier satisfies a rule related to a characteristic of the device, employing the payload by the device.

storing a portion of a blockchain comprising the blockchain block at the device; and facilitating access to the blockchain block by another device.

portion of the blockchain is all of the blockchain.

payload can include code to alter code in the device.

rule relates to a brand, type, class, series, or model of the device.

rule relates to a version of software or firmware of the device.

employing the payload by the device causes the device to access another blockchain block.

verifying a transaction between a first party and a second party using a blockchain, further including initiating a transaction regarding a transfer of electronic content from the first party to the second party; compiling, by the first party, a body of electronic information regarding the electronic content into an package; submitting, by the first party, the package to a blockchain node; validating, by the blockchain node, the transaction; and adding, by the blockchain node, details of the transaction to a pending block of the blockchain.

processing a pending block and appending information to a prior blockchain, wherein the processing is performed after an elapse of a predetermined time interval.

compiling includes encrypting the envelope, the body of electronic information, and a key.

validating includes a utilization of a public key of the first party.

propagating, by the blockchain node, details of the validated transaction to the blockchain.

The present system machine processes contracts that have smart contract validation rules and executable byte codes inside of the smart contracts, and a contract management software (CMS) that processes the rules to, inter alia, determine the validity of the smart contract.

In one aspect, a computer system includes:

a store of value to pay for completion of contract terms;

a smart contract with computer-readable program code executable by a processing circuit for:

embedding key data in each term of the smart contract, the key data being associated with the store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger;

monitoring the transaction ledger to determine whether a transaction against the store of value has occurred; and

designating the term as completed and verified by a third party in the event that a transaction against the store of value has occurred; and

-   -   an arbitration computer to adjudicate terms of the smart         contract and enforcing the smart contract.

In another aspect, a computer program product for monitoring compliance with a smart contract, the computer program product comprising a non-transitory computer-readable medium having stored computer-readable program code, the computer-readable program code executable by a processing circuit for:

embedding key data in each term of the smart contract, the key data being associated with a store of value and usable to conduct a transaction against the store of value, wherein a record of the transaction becomes visible in a transaction ledger;

monitoring the transaction ledger to determine whether a transaction against the store of value has occurred; and

designating the term as completed and verified by a third party in the event that a transaction against the store of value has occurred.

In implementations, a digital contract according to one embodiment can be dynamically generated by a CMS within an entity, for example a terminal, filled in, signed, passed to another entity (a person or a computer), signed by the entity's CMS, passed back and verified on the spot, and it is the inclusion of computer readable rules within the contract that makes it possible to so automatically and easily validate the contract. For example, it would be possible using the embodiment to sign up to an insurance policy on the Internet and receive the completed contract policy in one sitting.

Further features of the system provide for the computer-readable program code to be executable by the processing circuit to perform the further steps of: storing, in a database, the key data or data derived at least partially therefrom in association with an entity credential of an Offeror machine; if the term is designated as accessed by a third party, identifying the term as satisfied based on the third party access; and in response to determining that a transaction against the store of value has occurred, updating the database to indicate that the key data or data derived at least partially therefrom associated with the entity credential was used to conduct a transaction against the store of value.

Yet further features of the system provide for the store of value to have a balance of digital currency; for the transaction ledger to be a shared public ledger containing records of transactions conducted using the digital currency; for the digital currency to be a blockchain; for the store of value to be a blockchain address; and for the blockchain address to be represented by or derived at least partially from a blockchain public key corresponding to a blockchain private key.

Still further features of the system provide for the key data to include the blockchain private key or an address identifier derived at least partially from the blockchain private key; for conducting a transaction against the store of value to include using at least the blockchain private key to perform a blockchain transaction; and for performing the blockchain transaction to include transferring at least some of a balance of blockchain held at the blockchain address to a second, receiving blockchain address represented by or derived at least partially from a second, receiving blockchain public key.

A further feature of the system provides for one or more of the blockchain private key, the address identifier and the blockchain public key to be associated with an authorized entity authorized to possess the service or item and to be stored, in a database, in association with an entity credential of the authorized entity, wherein if the service or item is designated as accessed by a third party, the authorized entity is identified as the responsible party to be held accountable for the third party access.

Further features of the system provide for the key data to be readable from the service or item by any third party that accesses the service or item either directly or using a software tool; and for the step of embedding key data in the service or item to include embedding a plurality of sets of key data in the service or item.

Yet further features of the system provide for the plurality of sets of key data to provide progressive levels of key data, wherein different software tools are required to access each of the progressive levels or to read the key data from each of the progressive levels; and for a software tool required to access a particular level of key data or to read the key data from the particular level to be made publicly available once it becomes known that techniques are available for removing the key data of a previous level from the service or item.

Still further features of the system provide for the blockchain address to be controlled or managed by a party capable of monitoring the shared public ledger to determine whether a transaction against the store of value has occurred; and for the party controlling or managing the blockchain address to be selected from the group consisting of: an individual having ownership or control of the service or item, a group having ownership or control of the service or item, an authorized entity authorized to possess the service or item, a service or item provider from which one or more authorized entity has requested the service or item, and a third party associated with the service or item provider.

Further features of the system provide for the service or item to be a media item; and for the media item to be a digital or analogue media item selected from the group consisting of: one or more video files, streaming media, one or more image files, one or more audio files, one or more electronic documents, one or more electronic books, one or more textual media files, one or more computer program files, online content and binary data, one or more video recordings and one or more audio recordings.

Yet further features of the system provides for the step of embedding key data in the service or item to include one or more of the steps of: embedding the key data in the service or item using digital watermarking, embedding the key data in the service or item using analogue watermarking, embedding the key data in the service or item as a one-dimensional or two-dimensional barcode, embedding the key data in the service or item as a graphical code, embedding the key data in the service or item using steganography, embedding the key data in the service or item using natural language watermarking or natural language morphology, embedding the key data in the service or item using hidden text or invisible text or binary data embedding, and embedding the key data in the service or item using visible text or visible binary data embedding.

A computer system includes:

a smart contract with computer-readable program code executable by a processing circuit for:

embedding key data in each term of the smart contract, the key data being associated with a blockchain identification and usable to conduct a transaction a, wherein a record of the transaction becomes visible in a transaction ledger;

monitoring the transaction ledger to determine whether a transaction against the blockchain identification has occurred;

applying a contract expert module to interpret contract terms; and

enforcing the smart contract at the machine level if no dispute and otherwise enforcing the smart contract by court, arbitration or administration

The system of can have the following:

comprising holding a store of value at a bank or escrow to pay for completion of contract terms.

comprising verifying completion of contractual terms using a third party computer agent.

owners of IoT devices and sensors share generated IoT data in exchange for real-time micropayments.

producing energy produced by IoT energy harvester generates cryptocurrency value registered on the blockchain.

placing a Bill of Lading on a blockchain and terms of the shipping contract are executed in code based on real-time data provided from IoT devices (Smart Agents) accompanying shipping containers.

applying the blockchain in auto supply chains.

providing real-time information from sensor data from various vehicle parts are integrated with blockchain to make real-time decisions and transactions involving services and payments.

recording environmental conditions during the shipment of one or more products and during a change of ownership, checking collected data against each product's corresponding smart contract in the Ethereum blockchain.

performing contract negotiations among IOT devices.

a first IOT device managing a cost of the device, wherein the IOT device negotiates power reduction or power from another IOT device to optimize the cost.

placing a resupply or maintenance request with device location.

using blockchain-enabled smart contracts to ensure that the appropriate parties are notified of noncompliant events and automatically enforce privacy regulations; rules embedded via smart contracts dictate what they can see and when. Moreover, as data and transactions are shifted or linked to blockchains, organizations can track who has shared data and with whom, without revealing the data itself.

a lifecycle of a product by storing manufacturing, diagnostic and maintenance and end-of-life data on a blockchain.

lending an item with lending terms in the smart contract.

receiving a request for lending an item; generating as contract terms an owner identifier that has the right to use and lend the item, an identifier of the item, and the lendable number of times of the item; a borrower identifier specified by the owner, and a lending period matching the borrower identifier; and unlocking the item for use during the lending period according to contract terms.

One skilled in the art will appreciate that, for this and other processes and methods disclosed herein, the functions performed in the processes and methods may be implemented in differing order. Furthermore, the outlined steps and operations are only provided as examples, and some of the steps and operations may be optional, combined into fewer steps and operations, or expanded into additional steps and operations without detracting from the essence of the disclosed embodiments. Although embodiments of the present inventions have been described in detail, it should be understood that the various changes, substitutions, and alterations can be made hereto without departing from the spirit and scope of the invention. 

What is claimed is:
 1. A device, comprising: a device body; an accelerometer coupled to the body; a camera to capture an image; a module to manage a chain of custody of a user, where one or more images are taken of a person and immutably supplemented with location, and an identity of the person associated with the image is added as a metadata; a wireless transceiver; and a processor coupled to the body and associated with a blockchain with a blockchain address for a secured transaction or for identity management.
 2. The device of claim 1, wherein the processor accesses a digital key in trusted memory to securely sign a blockchain transaction for a contract stored on a decentralized ledger, and wherein the processor stores events on the blockchain relating to identity wherein the identity is used for accessing a computer, building or equipment.
 3. The device of claim 1, comprising a module coupled to the camera for image tagging of one or more objects.
 4. The device of claim 3, wherein the image is stored off or on the blockchain and the image includes embedded information including a signature of a person taking the image.
 5. The device of claim 3, wherein the image includes embedded information including a positioning system coordinate and a temperature.
 6. The device of claim 1, comprising a module to process energy generation or consumption using the blockchain.
 7. The device of claim 1, comprising a module to manage a chain of custody for an object, a plant, a drug or a person.
 8. The method of claim 1, comprising a module to identify a custodian location from one or more of: a seed grower facility, a plant harvester facility, a processing facility, a distribution facility, a retail facility.
 9. The device of claim 1, comprising a sensor to perform one of: photonic, magnetic, x-ray, radio frequency, chemical, microcode, florescence, genetic, electronic analysis, spectroscopy analysis, wherein the analysis is placed on the blockchain.
 10. The device of claim 1, comprising one or more identification tags mixed or dispersed within a facility or plant.
 11. The device of claim 1, comprising medical dispensing machine to provide blockchain data on location and time of each event associated with a medication.
 12. The device of claim 1, comprising a module to trace food or drug from production to distribution to consumption using the blockchain.
 13. The device of claim 1, wherein the blockchain comprises Ethereum or Bitcoin, and the wireless transceiver comprises a cellular transceiver or 802 transceiver.
 14. The device of claim 1, comprising a module to link blockchain addresses to a store, sign cryptocurrency transactions and check a store status.
 15. The device of claim 1, comprising a distributed application (DApp).
 16. The device of claim 1, comprising a module to process a smart contract.
 17. The device of claim 1, comprising a module to transfer currency in a smart contract.
 18. The device of claim 1, comprising a smart phone with a wallet.
 19. A device, comprising: a device body; an accelerometer coupled to the body; a camera to capture an image; a wireless transceiver; a processor coupled to the body and associated with a blockchain with a blockchain address for a secured transaction or for identity management; and a module to manage a chain of custody for Cannabis and a module to manage a chain of custody for a drug with ingredients, where one or more images are taken of drug ingredients and wherein an identity of a person associated with drug production is added as a metadata.
 20. A method, comprising: providing in a device body an accelerometer coupled to the body, a camera to capture an image and a module to manage a chain of custody of a user, capturing one or more images of an object or a person and immutably supplementing the one or more images with location, and an identity of the object or person as metadata; and associating with a blockchain with a blockchain address for a secured transaction or for identity management. 